urlscan.io logo urlscan.io
SecurityTrails logo

resistthemainstream.org Open in urlscan Pro
2606:4700:20::681a:256  Public Scan

Go To Rescan Add Verdict Report
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Submission: On March 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 78 IPs in 11 countries across 72 domains to perform 299 HTTP transactions. The main IP is 2606:4700:20::681a:256, located in United States and belongs to CLOUDFLARENET, US. The main domain is resistthemainstream.org. The Cisco Umbrella rank of the primary domain is 423442.
TLS certificate: Issued by E1 on March 17th 2022. Valid for: 3 months.
This is the only time resistthemainstream.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.139.128.11 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 68.71.249.118 20093 (ZEROLAG)
16 104.19.134.78 13335 (CLOUDFLAR...)
27 2606:2800:234... 15133 (EDGECAST)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
5 35.190.62.199 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
4 104.154.142.214 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
17 104.19.135.78 13335 (CLOUDFLAR...)
2 2a03:90c0:41:... 199524 (GCORE)
1 185.152.64.17 60068 (CDN77 ^_^)
1 2600:9000:215... 16509 (AMAZON-02)
3 2600:9000:215... 16509 (AMAZON-02)
1 4 2620:116:800d... 16509 (AMAZON-02)
3 3 185.33.221.53 29990 (ASN-APPNEX)
3 3 192.82.242.208 62713 (AS-PUBMATIC)
7 8 142.250.185.226 15169 (GOOGLE)
1 6 185.64.190.80 62713 (AS-PUBMATIC)
1 3 8.28.7.84 62713 (AS-PUBMATIC)
1 150.136.156.92 31898 (ORACLE-BM...)
7 104.244.42.8 13414 (TWITTER)
2 2600:9000:215... 16509 (AMAZON-02)
1 151.101.66.132 54113 (FASTLY)
5 54.87.78.200 14618 (AMAZON-AES)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 52.6.241.167 14618 (AMAZON-AES)
14 104.104.52.26 20940 (AKAMAI-ASN1)
2 2606:2800:134... 15133 (EDGECAST)
1 54.175.165.141 14618 (AMAZON-AES)
3 104.108.144.214 16625 (AKAMAI-AS)
2 6 104.102.29.65 20940 (AKAMAI-ASN1)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
1 72.251.249.14 29791 (VOXEL-DOT...)
6 213.19.147.43 3356 (LEVEL3)
1 185.64.189.112 62713 (AS-PUBMATIC)
5 3.67.111.41 16509 (AMAZON-02)
2 198.47.127.19 62713 (AS-PUBMATIC)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 209.54.177.54 16509 (AMAZON-02)
4 5 3.33.220.150 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 185.183.112.155 60350 (VP)
1 63.32.228.167 16509 (AMAZON-02)
1 3.212.101.249 14618 (AMAZON-AES)
1 69.173.151.100 26667 (RUBICONPR...)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 51.195.5.231 16276 (OVH)
17 142.250.184.226 15169 (GOOGLE)
3 44.197.69.20 14618 (AMAZON-AES)
3 4 37.157.4.28 ()
2 2 103.229.206.240 ()
12 185.64.189.110 ()
2 2 213.155.156.180 ()
1 178.250.2.151 ()
1 1 85.114.159.93 ()
2 2 151.101.130.49 ()
4 4 52.31.32.190 ()
1 1 198.148.27.140 ()
1 185.86.139.114 ()
1 1 52.71.178.197 ()
1 1 23.88.75.187 ()
1 2 2606:4700::68... ()
1 5.161.54.172 ()
1 195.5.165.20 ()
4 4 213.19.147.45 ()
1 72.251.245.179 ()
1 2606:4700:20:... ()
1 1 2a04:4e42::300 ()
1 151.101.129.44 ()
2 2 51.210.112.236 ()
1 2 2606:4700:10:... ()
1 169.50.137.182 ()
1 1 185.33.221.15 ()
1 2a05:d018:d29... ()
2 2 18.156.0.31 ()
3 3 18.185.196.75 ()
2 2 35.210.178.101 ()
1 1 178.62.202.251 ()
1 1 2001:678:cb4:... ()
1 2a02:fa8:8806... ()
1 1 34.102.253.54 ()
1 1 66.155.71.149 ()
1 52.31.89.136 ()
1 185.64.190.81 ()
299 78
27    2606:4700:20::681a:256 (United States)

ASN13335 (CLOUDFLARENET, US)
resistthemainstream.org
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2156:1e00:9:d7ff:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.decide.dev
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    2606:4700::6810:a10d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
4    68.71.249.118 (Canada)

ASN20093 (ZEROLAG, US)
udmserve.net
16    104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
27    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2606:4700:20::681a:891 (United States)

ASN13335 (CLOUDFLARENET, US)
talk.hyvor.com
4    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    35.190.62.199 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 199.62.190.35.bc.googleusercontent.com
fearlessfaucet.com
5    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2156:f200:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
4    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
4    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
17    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
2    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
1    185.152.64.17 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-152-64-17.datapacket.com
a.omappapi.com
1    2600:9000:2156:d000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
3    2600:9000:2156:3e00:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bid.underdog.media
4    2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
3    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
3    192.82.242.208 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
8    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
6    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
7    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2600:9000:2156:b600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    151.101.66.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
5    54.87.78.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-78-200.compute-1.amazonaws.com
prd-collector-anon.ex.co
1    2a02:26f0:6c00::210:bb91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
8    52.6.241.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-241-167.compute-1.amazonaws.com
atrack.avplayer.com
track1.aniview.com
14    104.104.52.26 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-104-52-26.deploy.static.akamaitechnologies.com
mcd.ex.co
2    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
1    54.175.165.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-165-141.compute-1.amazonaws.com
premiumsrv.aniview.com
3    104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    104.102.29.65 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
6    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.targeting.unrulymedia.com
tag.1rx.io
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    3.67.111.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-111-41.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    63.32.228.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-228-167.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    3.212.101.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-101-249.compute-1.amazonaws.com
sync.aniview.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
12    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
11    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    51.195.5.231 (France)

ASN16276 (OVH, FR)
PTR: p35.id5-sync.com
id5-sync.com
17    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pubads.g.doubleclick.net
3    44.197.69.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-69-20.compute-1.amazonaws.com
track1.aniview.com
4    37.157.4.28 (None, )

ASN- ()
c1.adform.net
2    103.229.206.240 (None, )

ASN- ()
sync.mathtag.com
12    185.64.189.110 (None, )

ASN- ()
simage2.pubmatic.com
2    213.155.156.180 (None, )

ASN- ()
d5p.de17a.com
1    178.250.2.151 (None, )

ASN- ()
dis.criteo.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    151.101.130.49 (None, )

ASN- ()
sync-tm.everesttech.net
4    52.31.32.190 (None, )

ASN- ()
match.prod.bidr.io
1    198.148.27.140 (None, )

ASN- ()
bh.contextweb.com
1    185.86.139.114 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    52.71.178.197 (None, )

ASN- ()
sync.srv.stackadapt.com
1    23.88.75.187 (None, )

ASN- ()
csync.loopme.me
2    2606:4700::6812:c05 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    5.161.54.172 (None, )

ASN- ()
matching.truffle.bid
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
4    213.19.147.45 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    72.251.245.179 (None, )

ASN- ()
cm.adgrx.com
1    2606:4700:20::681a:bd1 (None, )

ASN- ()
ad4m.at
1    2a04:4e42::300 (None, )

ASN- ()
trc.taboola.com
1    151.101.129.44 (None, )

ASN- ()
match.taboola.com
2    51.210.112.236 (None, )

ASN- ()
pixel.onaudience.com
2    2606:4700:10::6816:1957 (None, )

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
1    169.50.137.182 (None, )

ASN- ()
um.simpli.fi
1    185.33.221.15 (None, )

ASN- ()
ib.adnxs.com
1    2a05:d018:d29:3602:1ccc:1602:f60c:87b8 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
3    18.185.196.75 (None, )

ASN- ()
x.bidswitch.net
2    35.210.178.101 (None, )

ASN- ()
a.volvelle.tech
1    178.62.202.251 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
1    2a02:fa8:8806:12::1400 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
1    66.155.71.149 (None, )

ASN- ()
pixel-sync.sitescout.com
1    52.31.89.136 (None, )

ASN- ()
rtb.gumgum.com
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
35 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8333
c.mgid.com — Cisco Umbrella Rank: 6428
cdn.mgid.com — Cisco Umbrella Rank: 10514
servicer.mgid.com — Cisco Umbrella Rank: 8449
s-img.mgid.com — Cisco Umbrella Rank: 7801
cm.mgid.com — Cisco Umbrella Rank: 2218
video-native.mgid.com — Cisco Umbrella Rank: 28798
657 KB
34 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 525
syndication.twitter.com — Cisco Umbrella Rank: 769
830 KB
31 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 570
image2.pubmatic.com — Cisco Umbrella Rank: 774
image4.pubmatic.com — Cisco Umbrella Rank: 765
ads.pubmatic.com — Cisco Umbrella Rank: 419
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 417
image6.pubmatic.com — Cisco Umbrella Rank: 571
simage2.pubmatic.com
simage4.pubmatic.com
41 KB
29 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
pubads.g.doubleclick.net — Cisco Umbrella Rank: 494
76 KB
27 resistthemainstream.org
resistthemainstream.org — Cisco Umbrella Rank: 423442
573 KB
20 ex.co
player.ex.co — Cisco Umbrella Rank: 10479
prd-collector-anon.ex.co — Cisco Umbrella Rank: 8734
mcd.ex.co — Cisco Umbrella Rank: 11019
2 MB
15 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 399
2 MB
12 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1997
track1.aniview.com — Cisco Umbrella Rank: 1948
premiumsrv.aniview.com — Cisco Umbrella Rank: 13178
sync.aniview.com — Cisco Umbrella Rank: 2462
214 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
139 KB
10 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 944
eus.rubiconproject.com — Cisco Umbrella Rank: 503
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 953
token.rubiconproject.com — Cisco Umbrella Rank: 595
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 942
13 KB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2789
r.skimresources.com — Cisco Umbrella Rank: 2662
t.skimresources.com — Cisco Umbrella Rank: 2825
p.skimresources.com — Cisco Umbrella Rank: 3627
20 KB
6 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1229
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
8 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
2 KB
5 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1169
sync.1rx.io
2 KB
5 unrulymedia.com
tag.targeting.unrulymedia.com — Cisco Umbrella Rank: 8046
sync.targeting.unrulymedia.com
2 KB
5 gstatic.com
fonts.gstatic.com
105 KB
5 fearlessfaucet.com
fearlessfaucet.com — Cisco Umbrella Rank: 51115
62 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 adform.net
c1.adform.net
2 KB
4 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 8261
atrack.avplayer.com — Cisco Umbrella Rank: 11900
71 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 359
ib.adnxs.com
4 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 839
pixel.quantserve.com — Cisco Umbrella Rank: 381
11 KB
4 lockerdome.com
lockerdome.com — Cisco Umbrella Rank: 8366
6 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
4 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3161
7 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
2 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 57
793 B
3 underdog.media
bid.underdog.media — Cisco Umbrella Rank: 13943
181 KB
2 volvelle.tech
a.volvelle.tech
1 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
887 B
2 onaudience.com
pixel.onaudience.com
812 B
2 taboola.com
trc.taboola.com
match.taboola.com
528 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
746 B
2 de17a.com
d5p.de17a.com
637 B
2 mathtag.com
sync.mathtag.com
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
1 KB
2 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1236
2 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 792
1 KB
2 hyvor.com
talk.hyvor.com — Cisco Umbrella Rank: 80559
5 KB
1 gumgum.com
rtb.gumgum.com
209 B
1 sitescout.com
pixel-sync.sitescout.com
336 B
1 playground.xyz
ads.playground.xyz
466 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 turn.com
ad.turn.com
518 B
1 bidtheatre.com
match.adsby.bidtheatre.com
534 B
1 simpli.fi
um.simpli.fi
610 B
1 ad4m.at
ad4m.at
891 B
1 adgrx.com
cm.adgrx.com
408 B
1 iprom.net
core.iprom.net
279 B
1 truffle.bid
matching.truffle.bid
1 loopme.me
csync.loopme.me
216 B
1 stackadapt.com
sync.srv.stackadapt.com
615 B
1 smartadserver.com
rtb-csync.smartadserver.com
163 B
1 contextweb.com
bh.contextweb.com
496 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
364 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 488
541 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
17 KB
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1385
307 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 659
380 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 631
775 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1024
299 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 500
481 B
1 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 5002
57 KB
1 lockerdomecdn.com
cdn2.lockerdomecdn.com — Cisco Umbrella Rank: 18418
3 KB
1 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 4105
api.viglink.com Failed
28 KB
1 decide.dev
cdn1.decide.dev — Cisco Umbrella Rank: 36588
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
63 KB
299 72
Domain Requested by
27 platform.twitter.com resistthemainstream.org
platform.twitter.com
27 resistthemainstream.org resistthemainstream.org
17 pubads.g.doubleclick.net imasdk.googleapis.com
17 s-img.mgid.com resistthemainstream.org
14 mcd.ex.co resistthemainstream.org
player.avplayer.com
12 simage2.pubmatic.com ads.pubmatic.com
12 imasdk.googleapis.com player.aniview.com
11 pagead2.googlesyndication.com srcdoc
8 track1.aniview.com resistthemainstream.org
player.aniview.com
8 cm.g.doubleclick.net 7 redirects ssum.casalemedia.com
7 syndication.twitter.com platform.twitter.com
resistthemainstream.org
6 image2.pubmatic.com 1 redirects ads.pubmatic.com
5 match.adsrvr.org 4 redirects ssum.casalemedia.com
5 prebid-server.rubiconproject.com player.aniview.com
5 prd-collector-anon.ex.co player.ex.co
5 fonts.gstatic.com fonts.googleapis.com
5 fearlessfaucet.com resistthemainstream.org
fearlessfaucet.com
5 jsc.mgid.com resistthemainstream.org
jsc.mgid.com
4 match.prod.bidr.io 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
4 tag.targeting.unrulymedia.com player.aniview.com
4 stats.g.doubleclick.net lockerdome.com
4 c.mgid.com jsc.mgid.com
resistthemainstream.org
4 lockerdome.com cdn2.lockerdomecdn.com
4 www.google-analytics.com www.googletagmanager.com
cdn2.lockerdomecdn.com
www.google-analytics.com
4 udmserve.net resistthemainstream.org
bid.underdog.media
3 x.bidswitch.net 3 redirects
3 sync.1rx.io 3 redirects
3 adservice.google.com imasdk.googleapis.com
3 ads.pubmatic.com player.aniview.com
3 atrack.avplayer.com resistthemainstream.org
3 pixel.quantserve.com 1 redirects resistthemainstream.org
3 image4.pubmatic.com 1 redirects
3 image8.pubmatic.com 3 redirects
3 secure.adnxs.com 3 redirects
3 bid.underdog.media udmserve.net
bid.underdog.media
3 cdn.mgid.com resistthemainstream.org
jsc.mgid.com
3 fonts.googleapis.com resistthemainstream.org
client
fearlessfaucet.com
2 a.volvelle.tech 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 image6.pubmatic.com ads.pubmatic.com
2 tag.1rx.io player.aniview.com
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 ssum.casalemedia.com 1 redirects player.aniview.com
2 cdn.syndication.twimg.com platform.twitter.com
2 player.aniview.com player.ex.co
player.aniview.com
2 rules.quantcount.com secure.quantserve.com
2 video-native.mgid.com jsc.mgid.com
video-native.mgid.com
2 cm.mgid.com jsc.mgid.com
2 servicer.mgid.com jsc.mgid.com
2 talk.hyvor.com resistthemainstream.org
2 p.skimresources.com resistthemainstream.org
2 t.skimresources.com resistthemainstream.org
s.skimresources.com
2 r.skimresources.com s.skimresources.com
1 simage4.pubmatic.com ads.pubmatic.com
1 rtb.gumgum.com
1 pixel-sync.sitescout.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com
1 ad.turn.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pr-bh.ybp.yahoo.com
1 ib.adnxs.com 1 redirects
1 um.simpli.fi
1 mwzeom.zeotap.com
1 spl.zeotap.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 ad4m.at ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 id5-sync.com player.aniview.com
1 s0.2mdn.net imasdk.googleapis.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 sync.aniview.com ssum.casalemedia.com
1 dpm.demdex.net ssum.casalemedia.com
1 sync.adotmob.com 1 redirects
1 bttrack.com ssum.casalemedia.com
1 p.rfihub.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 hbopenbid.pubmatic.com player.aniview.com
1 ap.lijit.com player.aniview.com
1 secure-assets.rubiconproject.com 1 redirects
1 premiumsrv.aniview.com player.aniview.com
1 player.avplayer.com player.ex.co
1 player.ex.co cdn.mgid.com
1 sync.technoratimedia.com resistthemainstream.org
1 secure.quantserve.com udmserve.net
1 static.adsafeprotected.com resistthemainstream.org
1 a.omappapi.com resistthemainstream.org
1 cdn2.lockerdomecdn.com resistthemainstream.org
1 cdn.viglink.com resistthemainstream.org
1 cdn1.decide.dev resistthemainstream.org
1 www.googletagmanager.com resistthemainstream.org
1 s.skimresources.com resistthemainstream.org
0 api.viglink.com Failed cdn.viglink.com
299 112
Subject Issuer Validity Valid
*.resistthemainstream.org
E1		 2022-03-17 -
2022-06-15		 3 months crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.decide.dev
Amazon		 2022-01-24 -
2023-02-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-12 -
2022-06-30		 a year crt.sh
udmserve.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-08-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
fearlessfaucet.com
R3		 2022-03-01 -
2022-05-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.lockerdomecdn.com
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
a.omappapi.com
R3		 2022-03-06 -
2022-06-04		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
underdog.media
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-08-21		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
outstreamedia.com
R3		 2022-02-27 -
2022-05-28		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
truffle.bid
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.iprom.net
R3		 2021-12-29 -
2022-03-29		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh

This page contains 55 frames:

Primary Page: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Frame ID: 3C9B13B8B37085E2A11353C6A697126B
Requests: 162 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.8184131445599503
Frame ID: 5C83E0BBAE82FB9E9672AB75DAA327D9
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Frame ID: 4078B18975E722876EC226B5E67443FA
Requests: 2 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: FE3A7156715821A63BFEC3015AE7CC21
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Frame ID: 4000249D57EDA1A166A71C1422788033
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Frame ID: DBB4822434A18E70B7EDB8AD9D09F60B
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Frame ID: 3CD3B7F3FBF5F5247FAE218F637D1B5C
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1647700309693698914208
Frame ID: 6496989C9FEF0E5CA0B9D9F84430705D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fresistthemainstream.org
Frame ID: 8C706855892CD6F4F84E83C45CF988E7
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Frame ID: 1547450E56CD62A6B27753D830009934
Requests: 15 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Frame ID: 4BE0BA554164FE257CCB8918E8C9C378
Requests: 15 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: 197B2D3A417E69FA7DCA66D4985A4BA3
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D1%26key%3D
Frame ID: B73298E6D2C6F32FCF407BAC34AE8102
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Frame ID: 8D2D2C46603BD083016C62006D5E9825
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: DD98A1DA07F6E8FE0FF17AECB8717C8C
Requests: 4 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D18%26key%3D%24UID
Frame ID: CAB19C034C1C80BC779DEA437F5E7AA3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: BCFE67F1B8AC599731167FF0CFC54CD6
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: D0C98646D745A7C589D97C97E64E000C
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: B6E75A010418088D889767B3C786EF2F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: 8BCF929F2460BAC6D85B6EA33E6CB3FF
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: E3949A3C7D35AEE01B98C4B15C528CDF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 857FD50E9E323694F3A6E6E9CCE2CB9B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 31C3883B92F6D9AB3F5076B6D11736E9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E58E56B538F78DD8B1FFB128FE65448D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CCB2FEA2137C41817DCEDC806C76EB47
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C26E35661243D39973F2124F630272E9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: C98812842D18517C42150E1AE239D6A1
Requests: 21 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: 5F3A53DC1DB0A37A4AF12CC10708A4D9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4991902D06D071C5CCD20E54D11FE971
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=67DA5D40-DD76-47DF-B14E-27517FE96498
Frame ID: AA59F23A2789F2807E880319896A4483
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e34d6235-e95e-4f00-b2f3-acb372b16986&gdpr=0&gdpr_consent=
Frame ID: 842B9E7618958E5A7F88709999722CC3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3563802131417035447
Frame ID: 93579E8A167E1EE28A218FE2D3B61172
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 2933818CD23F73CB1B3EF18DBF52957A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7076818970845575319
Frame ID: FB1C403468997D384D131DA5B2CFF545
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjXpXAAON3j-zQAy&gdpr=0&gdpr_consent=&_test=YjXpXAAON3j-zQAy
Frame ID: 89407EE97CDD2F779BC9B5089796B668
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFOM07Ea9MAADIem7W4CQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: B85B7A9196AFC376AC52C14C20676381
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0jWVwq5ARcVoeCuCzdMiwLnVm6Q
Frame ID: 2CD63896EA5C83BE9659DBFFA266349B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: CCC24150DD16DD0B3AFD97C22A20ADB0
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2906A7A2BE2E44A3994B7602E1C26868
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: C29AD0C00BDA6D511B48977FC1DBB4A5
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 1784B073CCC0817CD7235528BB0E830C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5e95c069-10fb-4a79-afb9-13f03f3c1f64-003
Frame ID: 580C6E9A9E0C0E8F7C90999DBE401C47
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: AECED48CAE833C4C725BB248539928D3
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: F669A8519CAED53BAD112E66316770D8
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8f633365-f17b-4e6a-8831-50662e2916e5-tuct92f6edc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: B9033F8A548B1D2AEA49B76DDDFD50ED
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: E0F3067C7984B6DCFE7269AC44C91760
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E8E69A8F5EDB61A2B3B2FDEB5BDEA08C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: E9EBDF1F2C7D647E77C08B5BC9DB44E8
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: C8A2A20280A57CC5B86F5D13B04F32FB
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: 4614002159F78C0BB85B6CE89B397AFA
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Frame ID: DD8AC071F2AB84C7E13412856F1CCA9E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DF1ED1406792E2356BE6293B632F27C4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 505AEF7BC9FB60120178631DC1D5856B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4032629CE0C28E5A0952B3ED15A59C9D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9605444F9964B5ED8B896DA003189835
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Plan to Re-Open The Capitol Revealed After Being Closed for Two Years

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

299
Requests

93 %
HTTPS

30 %
IPv6

72
Domains

112
Subdomains

78
IPs

11
Countries

7093 kB
Transfer

18730 kB
Size

40
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.6161566 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.6161566 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=2327348148020347933;cb=0.6161566
Request Chain 79
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.6161566 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.6161566&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjdEQTVENDAtREQ3Ni00N0RGLUIxNEUtMjc1MTdGRTk2NDk4&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjdEQTVENDAtREQ3Ni00N0RGLUIxNEUtMjc1MTdGRTk2NDk4&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D67DA5D40-DD76-47DF-B14E-27517FE96498;cb=0.6161566 HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=67DA5D40-DD76-47DF-B14E-27517FE96498;cb=0.6161566
Request Chain 174
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Request Chain 175
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 192
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjXpV2LU7V7YMkcDy3QF8AAABKEAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjXpV2LU7V7YMkcDy3QF8AAABKEAAAAB&dcc=t
Request Chain 193
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjXpV2LU7V7YMkcDy3QF8AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELmvFSVPisJD8JHvOaCWurw&google_cver=1&gdpr=1
Request Chain 195
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336720005317206
Request Chain 197
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 234
  • https://c1.adform.net/serving/cookie/match?party=14&cid=67DA5D40-DD76-47DF-B14E-27517FE96498 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=67DA5D40-DD76-47DF-B14E-27517FE96498
Request Chain 235
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e34d6235-e95e-4f00-b2f3-acb372b16986&gdpr=0&gdpr_consent=
Request Chain 236
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3563802131417035447
Request Chain 238
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7076818970845575319
Request Chain 239
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YjXpXAAON3j-zQAy HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjXpXAAON3j-zQAy&gdpr=0&gdpr_consent=&_test=YjXpXAAON3j-zQAy
Request Chain 240
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGT00wN0VhOU1BQURJZW03VzRDUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFOM07Ea9MAADIem7W4CQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFOM07Ea9MAADIem7W4CQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFOM07Ea9MAADIem7W4CQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 241
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0jWVwq5ARcVoeCuCzdMiwLnVm6Q
Request Chain 242
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 243
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 246
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1647700316626 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4283574749 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/31953ae0-5185-4079-bbe2-4ce0b15e88ab HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5e95c069-10fb-4a79-afb9-13f03f3c1f64-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-5e95c069-10fb-4a79-afb9-13f03f3c1f64-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5e95c069-10fb-4a79-afb9-13f03f3c1f64-003
Request Chain 249
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8f633365-f17b-4e6a-8831-50662e2916e5-tuct92f6edc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Z9pdQN12R9-xTidRf-lkmA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9afe6235-e95e-4400-a6df-ff2c374626f8
Request Chain 252
  • https://pixel.onaudience.com/?partner=214&mapped=67DA5D40-DD76-47DF-B14E-27517FE96498 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=31953ae0-5185-4079-bbe2-4ce0b15e88ab&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=4c2b2a0b78e874e5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1dd87566-2a2c-4d66-7855-ed1de346e481&reqId=e10e831e-f44f-492d-575d-f6bae6bb635c&zcluid=4c2b2a0b78e874e5&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEPCYI_yU5Tq1iLEJhoraVwo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1dd87566-2a2c-4d66-7855-ed1de346e481&reqId=e10e831e-f44f-492d-575d-f6bae6bb635c&zcluid=4c2b2a0b78e874e5&zdid=1332
Request Chain 253
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIhPdurd_dfXB-1uRJncbDg&google_cver=1
Request Chain 255
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5007390519281441664
Request Chain 256
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=31953ae0-5185-4079-bbe2-4ce0b15e88ab
Request Chain 257
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2327348148020347933&gdpr=0&gdpr_consent=
Request Chain 258
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dcq7RybBvURuyL5AJ56lQyWZu0RunLFFcci70nN2
Request Chain 260
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=67DA5D40-DD76-47DF-B14E-27517FE96498&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=67DA5D40-DD76-47DF-B14E-27517FE96498&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9RzZnQBE2uW0feVRbAGD.k8OIB2R2AI-~A&gdpr=0&gdpr_consent=
Request Chain 261
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=a0402443-f02d-4ad4-b449-5cc48fafe3cd HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=a0402443-f02d-4ad4-b449-5cc48fafe3cd HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=23c536e0-7ccb-4d4a-b1f5-833ff83ce1a4&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a0402443-f02d-4ad4-b449-5cc48fafe3cd&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 262
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:489fe1a1-c7df-4bed-b3e7-f7f319e2d21c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 263
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8644512593635429044&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 265
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2327348148020347933
Request Chain 266
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

299 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/ 		126 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bdbb60dabb0ff07219b1ce86d9d59f9d49a1bb412ec7a2a6566c4f9afd32286

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 19 Mar 2022 14:31:47 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=600
expires
Sat, 19 Mar 2022 14:41:47 GMT
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7b6Ex1RXh7yQY5ldlUSWqNgKT8BRaZY%2BlDnsX5EfUI9S1zjg26m%2FWMTHNEuobJ9K1I5gjGWTXol%2FgHwNrXq9cYTB12SSkb0SigSLxv%2BY%2BpPEUOvu2p84Na%2BLn45%2FMlZ5PmKLGMOe3%2FjVef%2BEKNWuXcvxpWe"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ee6e9e6d98f8fda-FRA
content-encoding
br
208598X1688373.skimlinks.js
s.skimresources.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/208598X1688373.skimlinks.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb5011b47580532b2f4140243658824b83e672b9a1e7efc2bac24d0cee7973b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:47 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 10:46:56 GMT
server
AmazonS3
x-amz-request-id
ZMQKN7H72NNDY557
etag
"0e0e8addeec236d4ab010b71ff31baed"
x-hw
1647700307.cds241.am5.hn,1647700307.cds219.am5.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
18852
x-amz-id-2
+aBpvl45VWA7TH63kGTUyXwNcT2hZU1qu+WVW/HbpQgmHGRrL7ui7Ht21FBl+VexneH1svCuMfI=
js
www.googletagmanager.com/gtag/ 		170 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MHSJPPB6JE
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c7137a7356ab546f5553a51fa1a85e9eda2b23692689621443a089f683b95eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:47 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64288
x-xss-protection
0
expires
Sat, 19 Mar 2022 14:31:47 GMT
rawwdigital_lander.js
cdn1.decide.dev/tracking/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.decide.dev/tracking/rawwdigital_lander.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1e00:9:d7ff:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc36001176809c54fe050368b70394598595dae41be3d65fcf4b940c2a6b8fed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
VKF3PXIGT6uahfGgqqEppePmeEsxnDfi
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 23:32:43 GMT
server
AmazonS3
age
63662
etag
W/"d03f6760ecb4de6f21e8a508d1e69a36"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
date
Fri, 18 Mar 2022 20:50:47 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
JWFfBA8GXany-7jeUjQd97cMmAIPcr_vmL_l3ZjvINxo3R5r5xxdCw==
g1250.css
resistthemainstream.org/wp-content/cache/wpfc-minified/7wo4u5gj/ 		812 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7wo4u5gj/g1250.css
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769968d586489050b97c345679dc9d6f2121a1c26c368c939ef6d0894a8025b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 26 Feb 2022 14:30:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G7AFr%2FotV5zIWL04IDOJLaSY8sn%2F1tnN4zeON4JvvpQRCIC5rbgUHu62kmMezWOfqe6on7OtTR9zszd4OgZDo8GswKuNgzRdlMBYOvG9B%2BvS%2BS%2BJnIJDM2b%2BGnhdj9zVLvS75mbGSOJzGn%2BOvS4K9XY9SwA%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9eb4eaf8fda-FRA
expires
Mon, 18 Apr 2022 14:31:48 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a76630aeb16240e83f630491860681c35ec807a778524dafd8841013388cdd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Mar 2022 14:31:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Mar 2022 14:31:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Mar 2022 14:31:47 GMT
g1250.css
resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/ 		670 KB
135 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76e0bd45add7e97d531583fc2c296ce699eeeccdebd54f2eaa0741aa00eb63c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 26 Feb 2022 14:30:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8esurakDDll1hQJ%2B0Bi66oYxCybaquHvx%2F539fKfFdo4ZXRIMgk2hqEqLTu2skD8UTe6JvgWkngPMSREJAjJ%2BNau%2FclTMSpuPV728r9SsW%2Fya%2BgKMEGOXelWU8vdrMdLpDXXb0KpOZhgEKnwdQzkLGdALtN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9eb4eb38fda-FRA
expires
Mon, 18 Apr 2022 14:31:48 GMT
g1250.js
resistthemainstream.org/wp-content/cache/wpfc-minified/2i4w2w/ 		112 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/cache/wpfc-minified/2i4w2w/g1250.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38ad74927dffa428f88472c101c2d2f1fd943032ccdea08170ab2391c0f4c2a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 26 Feb 2022 14:30:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AnoLkznZFX6aPYNksuMAHvpbM3c4uSFTsCStC%2Bf0NYiCB3O0A%2F70%2FqK9bDw3vQX2Odxh2P5iIJUkFwtnoWHMs0oYY%2BjoT0OR1RUJPHFC7vbilDQR2LV2iWUrI8sg7Vcd5GBRYE0U%2BQqXHTJHurdylOoG940"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9eb4eb48fda-FRA
expires
Mon, 18 Apr 2022 14:31:48 GMT
/
r.skimresources.com/api/ 		150 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/208598X1688373.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
bdbf5949e75852c4765edd7c3e01863b61b9c03958baf6098343767bd9b891bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 19 Mar 2022 14:31:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame 5C83 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.8184131445599503
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:47 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=6.087360910044582
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=6.087360910044582
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
vglnk.js
cdn.viglink.com/api/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
133985
cf-ray
6ee6e9f23a0f9a18-FRA
content-length
28567
x-amz-id-2
JRuATVnhK5aTWebrb/UxEx668VPTef9xrWWoafFq1mrvOYUxBj2865eVYh+xN7Y/BElkqf0Gcj4=
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
cloudflare
etag
"072eaf64a771815874455704fca9301b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
T5CV2HSV57XY278Z
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 26 Mar 2022 14:31:48 GMT
wp-emoji-release.min.js
resistthemainstream.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/wp-emoji-release.min.js?ver=5.8.4
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 03 Oct 2021 22:07:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Xhk706mauk%2BO5tooCnYRDsO1CjLOWz9ALJ6vdRZUKthz6Cj0KL6EQtrB3w1EkNhK%2FpsGZ6sGWU%2FMFocgv11b6OwokmQLpqj7y2b1%2FvdoaXW4mdAVKQ2NaIXdkDpiPiMWAyXybqJgtP6q4t9NA5gcNvECqJP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f1eee78fda-FRA
expires
Mon, 18 Apr 2022 14:31:49 GMT
signal-2021-09-28-044331_001.png
resistthemainstream.org/wp-content/uploads/2021/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/signal-2021-09-28-044331_001.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2b87637211d065cc2722c6ce0a173c4defdbaa4ff7b8144ff6902457aa017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 02:48:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rmv%2BjWRX1CMaAkWD0iCYlfm4aCsB%2F%2F5Yi9nj%2FBFrmmFchpcrvxOI4LveTOIP6MhLXeF1q4tr5AEuPjsZjhh%2B1xYmUumzROZewY9Z7nhAXXoqSkIy1vcx48PeuiDP5Le8Cp126U3yg%2Foldsy0g4kdOSPPTVBx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ee6e9f1eee88fda-FRA
content-length
2863
expires
Mon, 18 Apr 2022 14:31:48 GMT
logo-mobile.png
resistthemainstream.org/wp-content/uploads/2021/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/logo-mobile.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735ba0855a8e681e98e185111aae755c396d6c0f889c40947b6d758551075f6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 03:17:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isvWtnqKJ3TSPvUJKT84dQ9bGVoA8VRhnctOcSll8P1N2%2BtmyyPSZZGux9E2OWl9jxoQasdbqJI%2FpnJCICBCiwp43dG0%2BQqYmBx%2Fc1kWULuv2DSRNAqPJNc9h5SQKs2tC7a2gzfzr7ntZh1Z03V%2BogMFFvU2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ee6e9f1eee98fda-FRA
content-length
1699
expires
Mon, 18 Apr 2022 14:31:49 GMT
img.fetch
udmserve.net/udm/ 		35 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=17411;tid=1;dt=6;
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
846130dc6caff52dec180174ec1c779571d95270a360d56f1070ae411fe55dfa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:49 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
email-decode.min.js
resistthemainstream.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 12:28:09 GMT
server
cloudflare
etag
W/"62332959-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UP%2BsgvWTheVc81%2BHgP8Camj7kMJF5jbZU%2BjTIGjq41fe25FIhicY4kgE8D6OvV7VsMHhwdWLQA4%2BT6NnYMGxbXYDW%2FraupxfNo72%2Bny1OAUMYsdwkhULe10MvwzKKME3IT2QAgl0YaYLj4EDnIPU8Rd2lsr9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f0ed928fda-FRA
vary
Accept-Encoding
expires
Mon, 21 Mar 2022 14:31:48 GMT
resistthemainstream.org.1149360.js
jsc.mgid.com/r/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04481253fc5a43fc96bca1ba82cb9747a6fc7be634cb609bbaff26bee1022f5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
br
cf-cache-status
HIT
age
5122
last-modified
Thu, 03 Mar 2022 13:46:00 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
QF7SXV69V9R61V34
x-amz-id-2
5BzqB0UdEF3LNM4htYz4s68GazTl8uQSaJNYifrkrKt4Q9MEoFpuIlZwXswDxcPotF1yWsNZu3c=
cf-bgj
minify
server
cloudflare
etag
W/"0bb8d4d84ded6a87b2c757a313f65efb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ee6e9f22a155bed-FRA
expires
Sat, 19 Mar 2022 17:31:48 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:48 GMT
Content-Encoding
gzip
Age
1333
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29178
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:46:17 GMT
Server
ECS (frb/6762)
Etag
"f7f936f48944db7f829585c4368f33ae+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
embed.js
talk.hyvor.com/web-api/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talk.hyvor.com/web-api/embed.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:891 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d10d857f0b9ee4649d0b0531ea87e1527a0dbbc3f3647cebfcd922c6c37ba5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 12:52:14 GMT
server
cloudflare
age
437974
cf-polished
origSize=6290
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOuQlcaghvpUWb1mZPwOc%2B2kSN2iB2XSuikubXyAvuQLTy%2FbFOY77iqYEAvu5JlRMCP3lvgZ4tHjtWxfcV3NBLmdgo4PBVgXcqKEysVHmPcoyMoGsxkC%2FibVCTFrgCjFt0b6p0hlv1CBNhfm"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=0, public, s-maxage=1382400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f209aa9107-FRA
cf-bgj
minify
resistthemainstream.org.1156929.js
jsc.mgid.com/r/e/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71a1935b3ad6191ba5bc69f86429029d95d965b6c15dbb21943868ab0bbe8fc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
br
cf-cache-status
HIT
age
2317
last-modified
Wed, 16 Mar 2022 11:13:06 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HCE33R96F96WNVQ1
x-amz-id-2
aA+qs7ykEJkXutaSpwM1VbbPRRMJuLWSYVpJCOL18PEpgznET0BjjX2wQ6GsNju7BYCluepilPs=
cf-bgj
minify
server
cloudflare
etag
W/"fd025cd8d7dd5400829ddf820043e56b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ee6e9f22a1b5bed-FRA
expires
Sat, 19 Mar 2022 17:31:48 GMT
/
talk.hyvor.com/web-api/count/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talk.hyvor.com/web-api/count/
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:891 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3d6f43856edb4773691473aba669b43e4b4a0caeae37d2f8fa19456f1b8adae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"54ae38239fdac3aebd77d7563e732af2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBJJPfdPiXmyPs3iDoiOo3vFx9qm3%2B%2FRrUKIeGrDyxyZTj7FXRqlP2XzyYPlph%2FWNg4Ut42R0QmGlg%2B4OQjPS23cTI7R5xe8IpDz4mUDAoSZZg8TXePsd%2BVoOMSy4mnxWfs1Bl6%2FApqu3Hfw"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000, public
cf-ray
6ee6e9f209ab9107-FRA
front.js
resistthemainstream.org/wp-content/plugins/embedpress/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/embedpress/assets/js/front.js?ver=3.3.3
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 25 Jan 2022 02:39:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lktZFZeFrcAfWTByYB%2BYjXxjMX8qcSJw8%2FR3Ni7PtzpMe4QjGYhr49uBXSze%2FD5F0VIV0kme3ct0Dowv4qPpWpiAtV4iOh%2FARBPUa50hz046c%2FCKUp9tN4BrseoQuL1Ev3i97EYLxxa1l%2B18m%2BBPpeA5eBkz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f11dcd8fda-FRA
expires
Mon, 18 Apr 2022 14:31:49 GMT
frontend.js
resistthemainstream.org/wp-content/plugins/jnews-paywall/assets/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/jnews-paywall/assets/js/frontend.js?ver=10.0.2
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9c3fcc4471623d464db7a4744808d67f44d3037866797a3fce2c046685c9bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 25 Jan 2022 03:15:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9sTQdE3iElwN1oeTEhAUWZn%2BElx84XfF8g1l75SPb6dU%2FL43Hk8U%2B%2BpnJz%2BtQdJw7nmHwt9zdkdoR0DUJfPLi2WdsxZHNXbEJOJllyktKKlDP3pxmMlg8f3OUFnacKuEsOEuN9rwJBCggwz2jsvCCvlOMdB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f1ae7e8fda-FRA
expires
Mon, 18 Apr 2022 14:31:49 GMT
comment-reply.min.js
resistthemainstream.org/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/comment-reply.min.js?ver=5.8.4
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 16 Apr 2021 00:35:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbhHbHn6qUeybrDHZ6bnPSMnqKAUcOcKBI%2F7mIArKyYrHKWeY4x1jPdZSRAYUdOjk3cCAiBqzysoBZcGj7Gb%2BXpckyqYjEHYDvejLmKjYwfb%2B%2FxeyQjd0cg%2BlGQwhH1jJ91UTBTsPRq%2Fv4tFUbpfqYDGQvHd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f1eedd8fda-FRA
expires
Mon, 18 Apr 2022 14:31:49 GMT
hoverIntent.min.js
resistthemainstream.org/wp-includes/js/ 		1 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/hoverIntent.min.js?ver=1.10.1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 03 Oct 2021 22:07:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3XN5PmzRtgvrMh0%2Fg99wzgR1qEnuz7yTiOIL12I%2FFp3sOwVzKdx23Uq3CkIXF3mxqC4wm%2BvtO6zDiQ5xuei2AlxrKqX%2BfNn4tWZv0W374uVA3K9Abkl%2BmifuKgTcLaXNgL7mpiIrAmfpdsiggwIhESkKf2X"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f1eedf8fda-FRA
expires
Mon, 18 Apr 2022 14:31:49 GMT
imagesloaded.min.js
resistthemainstream.org/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 05 Feb 2021 00:14:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQ62mRwtquX593T0LZt9oKkWIaXPg9WbB84iKqJBgRWudc1mGtm1dtlrQWuMp%2BNNeqsvvq7QHMWJ5kShT%2FHOXtAAy8gw16KNayZGojIDNdlmUCcJwF4TFCOUdZH37lhOktT5MRpziQVKPUll5tJUgLvCIGBz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f1eee18fda-FRA
expires
Mon, 18 Apr 2022 14:31:49 GMT
frontend.min.js
resistthemainstream.org/wp-content/themes/jnews/assets/dist/ 		294 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=10.0.9
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
777ed778de6f8fc2f1d332610998bf45a8c9c4601ea0f96c91ec92052708f6f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 25 Jan 2022 03:12:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6taiEYYhOQjki5MXEIuxxgZurX8xfnm9MkmLfUWH2VcrxdyAxIT7Oo2JDgHiEf2Mly7OLDc7m534GKGPKL8xcO15tVylDec4lB%2BO6%2FRKtMu7GmKNT%2FP%2B%2BbN7gV41OzPMlZVSy1DaeO4eSJt%2F98MlgRcCdtO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f1eee28fda-FRA
expires
Mon, 18 Apr 2022 14:31:49 GMT
frontend.min.js
resistthemainstream.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.4
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfbfb77a8ec93c492ddb23650915dc98fd562a4e7c1071dc18194f78933ff4d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 27 Jan 2022 02:48:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnFjnOwipLiMReYPLgG24CzVRKkCWCP2L%2FCbcAJubjk4n9ehNqIuPEjx0pZbQc%2Bu5K%2BIaA%2FdwKvjqykcAo0EBYhgO8r8AJEuYZt%2FsrDtpO7At%2FYPdf91x1%2FXosRH1uVERS5eYVFuvwDUFUrP9J%2B%2Bu0ru9MmS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f1eee48fda-FRA
expires
Mon, 18 Apr 2022 14:31:49 GMT
plugin.js
resistthemainstream.org/wp-content/plugins/jnews-social-share/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae63276d13de5376dd9d5d0dd2d330cb131ace6ab96008ddcad724acff553cea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 25 Jan 2022 03:16:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBbCKdoOTeAgpo2z8W7MK326gsU1GJTVXV1ghhTzpS7sIDmm2l18rBIwTpafJEFQMVQ603%2FL%2F1KTnWkx2eHjvxRXS%2BJXYzEPxqT9Xf2ItBz0FdBSPib8hSCcDnmqmo%2FGy2W9KT45vNmoq7kT1a9h97M5FvxH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f1eee58fda-FRA
expires
Mon, 18 Apr 2022 14:31:49 GMT
ads.js
resistthemainstream.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		78 B
363 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.39
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 25 Jan 2022 02:39:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJfWUrNlKQRewXOOVrCv0LM9GvUC5DfhNkuWYm%2BN0KcJcaSlTbqXbPpKg%2BcDmKGBHiP6t9VZU%2FzrzY6Hehg2OQwW%2BOLOFz5SmYWdoigx5xUCEUFKVEY0isol4Pr8UQmDvb9yPAIZAiyIwRlEMGBaFxPi4gSc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f1eee68fda-FRA
expires
Mon, 18 Apr 2022 14:31:49 GMT
collect
www.google-analytics.com/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MHSJPPB6JE&gtm=2oe3e0&_p=1386409109&sr=1600x1200&ul=en-us&cid=1375555129.1647700308&_s=1&dl=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=Plan%20to%20Re-Open%20The%20Capitol%20Revealed%20After%20Being%20Closed%20for%20Two%20Years&sid=1647700307&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHSJPPB6JE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2fdl5ImIhc3r9VnbMUN5dbvfvvXftac9Qf8ypHfV3kgsyZTjlpn235Y
fearlessfaucet.com/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2fdl5ImIhc3r9VnbMUN5dbvfvvXftac9Qf8ypHfV3kgsyZTjlpn235Y
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
c5133e29e20238bb5e141f5311da5e3676a81672a61a5ad99abcdac7f3f85e32
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"f1a713c08c206f14a8a75bc2e744567baed79d41d07d3f7fdb4b781adda40bd8"
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-kh86
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sat, 19 Mar 2022 14:31:49 GMT
x-buildnumber
491834569
timing-allow-origin
*
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:55 GMT
x-content-type-options
nosniff
age
241253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:55 GMT
fontawesome-webfont.woff2
resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 25 Jan 2022 03:12:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0uY%2BsI8vCGdOc1O6KDc4dHLNZbSyfpFwO3UfIGFWcr%2F6WwPH5ZwEb8XlC%2BldhB0r%2BR%2ByJPMnt4J6UkqpIKvBoj8P3%2BZ76fsSEzWF7%2FN7HXbvspEaIBya8bfvQL%2BqhhD8OBq1bmT4xfn%2B5Vk4LVfrf%2FVZUEy"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f1fef98fda-FRA
expires
Mon, 21 Mar 2022 14:31:49 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:31:18 GMT
x-content-type-options
nosniff
age
241230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:21:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:31:18 GMT
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:f200:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 20:55:00 GMT
content-encoding
gzip
last-modified
Mon, 14 Mar 2022 18:22:05 GMT
age
63408
etag
W/"14de-17f89aa7bfc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
wK-ZdOFyF-k41wtD0WgJz9W7OLjzUKd6iAj9hPp6CZZa4WJWGpB7oA==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3Aregular%2C700%7CMontserrat%3Aregular%2C700&display=swap&ver=1.2.6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 08:55:44 GMT
x-content-type-options
nosniff
age
279364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 08:55:44 GMT
2021-04-03_21.54.16-80x80.jpg
resistthemainstream.org/wp-content/uploads/2021/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/2021-04-03_21.54.16-80x80.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c07c0e4ec4c5d0bc7e227dbe689dd03035b4cb0f8394574e1b6740af383461

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 23 Sep 2021 02:54:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iw2M9KYBvANLgu%2FObG0YhMfwJYIiXb2lygzWdo%2Fahw9l9lE3IjF14C7GKsoRD4yPw6k%2FJq4uenkxOtz4Yhkh%2B3Uwr5ARhQRYMIS8Vby4WF8lAXh3oZCUB9s1geMqVl3t1E4RCBvZEu9zb2eqt1TzokZCLKGY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ee6e9f23f2d8fda-FRA
content-length
2072
expires
Mon, 18 Apr 2022 14:31:49 GMT
preloader.gif
resistthemainstream.org/wp-content/themes/jnews/assets/dist/image/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 25 Jan 2022 03:12:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2B%2BfNNVdtokvtLKVjc1hLowkoZWTeZ%2FQgtAIGGw3aSuCE6z4bY%2FAgtcX8j5FIMED8WIyV38vK4mb7vQxGR76pgooGpvYglaFteqN8yZKUnigsP3GXP1OMAy%2BwhTNFiRVFh%2BudWLVdIZFCfEW1rLqPhG0hcEU"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ee6e9f23f318fda-FRA
content-length
4399
expires
Mon, 18 Apr 2022 14:31:49 GMT
jegicon.woff
resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer
https://resistthemainstream.org/wp-content/cache/wpfc-minified/7l4b4iwc/g1250.css
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 25 Jan 2022 03:12:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcbzIRyT0mD%2B9WPmJL5cEghSQKDWtCBL86kTqSNv1jX6Y1M7kC1rrcX40KUPpsuQsZuIsEq1umv1%2FnDkcOFH3uniC36pDoWmqtvOWmblByv35%2FgaC24GIcnRQOr53xlECF0MUVFoNiTN8t2ftYqB7V80RSYy"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ee6e9f24f3c8fda-FRA
expires
Mon, 21 Mar 2022 14:31:49 GMT
jeg-empty.png
resistthemainstream.org/wp-content/themes/jnews/assets/img/ 		70 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 25 Jan 2022 03:12:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUb%2BdLBwPg%2Bg7PwYumaXqhiIvlr8RUwBUlqjvAI2ScdYsWXMzF59fHc0LoAqeXh1%2FgImrNOvULrjVzsf1bHLU9jW0e41AF3FFdXhDsQ5GVe65%2BAJF8cwk70gpQXML6QTg8Qk%2BIp251phOOpJoyFOowjAaM4E"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ee6e9f27f888fda-FRA
content-length
70
expires
Mon, 18 Apr 2022 14:31:49 GMT
resistthemainstream.org.1149360.es6.js
jsc.mgid.com/r/e/ 		242 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d6f9ea0f21c418991891eb13b8e73d8340d795b0b0cae6bb6ef1fe4ab1a299

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
br
cf-cache-status
HIT
age
3758
last-modified
Tue, 15 Mar 2022 11:27:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4C22Y02DPAPTBAVW
x-amz-id-2
5TICBpCXK9DPNubq7VYO+M7p7CiFCFNgJlxdjwlN6umOVSah8NeFkr6TPqnB+1mTBpwCYLDu3j4=
cf-bgj
minify
server
cloudflare
etag
W/"dbda555a20b05eacb28abc17f38439b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ee6e9f2ab1f5bed-FRA
expires
Sat, 19 Mar 2022 17:31:48 GMT
resistthemainstream.org.1156929.es6.js
jsc.mgid.com/r/e/ 		246 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1152d50e9f5854ed80eb9fb9e56e1db92d3c2164d15e867593347c675c4885aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
br
cf-cache-status
HIT
age
1624
last-modified
Wed, 16 Mar 2022 11:13:06 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
HCEBP2DTT8QMJ505
x-amz-id-2
vgEJGuMApnpU5y4iHjhGzLrKqhjHkjNnHo0jKcTGtwakd4mi7p1dpsRc6N42eXEqfswL1gqf0Po=
cf-bgj
minify
server
cloudflare
etag
W/"7d722ed3bc21a44e1a35dffe01b5b1e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ee6e9f2ab215bed-FRA
expires
Sat, 19 Mar 2022 17:31:48 GMT
ping
api.viglink.com/api/ 		0
0
resistthemainstream.org.1261872.es6.js
jsc.mgid.com/r/e/ 		236 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/r/e/resistthemainstream.org.1261872.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dddf32236809554a2b9015a25adf0484a5d60f547682a6d13631f15b3d247f07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:48 GMT
content-encoding
br
cf-cache-status
HIT
age
2038
last-modified
Tue, 15 Mar 2022 12:05:22 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
NCBDW413T5EG438E
x-amz-id-2
NWWAGW1aYxPtqZQHBVh5x34pEoy5xw6xJErfj6ZNmZ5t2+v6PDsZLg/CaZ6FXIfDumnkX8Jqeig=
cf-bgj
minify
server
cloudflare
etag
W/"888845e1dec2d3058b26168ca0953172"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6ee6e9f2ab2e5bed-FRA
expires
Sat, 19 Mar 2022 17:31:48 GMT
13420768046326374
lockerdome.com/lad/ Frame 4078 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Sat, 19 Mar 2022 14:31:49 GMT
analytics.js
www.google-analytics.com/ Frame FE3A 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3418
date
Sat, 19 Mar 2022 13:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 19 Mar 2022 15:34:50 GMT
13420770663572070
lockerdome.com/lad/ Frame 4000 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Sat, 19 Mar 2022 14:31:49 GMT
13436276233712486
lockerdome.com/lad/ Frame DBB4 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Sat, 19 Mar 2022 14:31:49 GMT
13763115057895526
lockerdome.com/lad/ Frame 3CD3 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Sat, 19 Mar 2022 14:31:49 GMT
collect
www.google-analytics.com/j/ Frame FE3A 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=21481869&t=event&ni=1&_s=1&dl=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=AdUnitInHiddenContainer&ea=14264500010300518&_u=YADAAEABCAAAAC~&jid=1241556887&gjid=1959170430&cid=1375555129.1647700308&tid=UA-1933164-1&_gid=182817348.1647700309&_r=1&_slc=1&z=2033164929
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.mgid.com/pv/ 		0
403 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1647700309377888730058&uniqId=0787b&childs=1225368&lct=1647388800&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&sessionId=6235e955-0bafb&pageView=1&pvid=17fa297758186b7af38&site=720235&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee6e9f5b8515bed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
HIT
age
2605
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
WYJFAHZEWX29G5P1
x-amz-id-2
7OhnRNS5qYiPixt1bdMACoBnVA6U2fTn+4wxcph9JgZ8A6Wf5wu7tffo1ahPOZVgwaHgPHNZELo=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ee6e9f5d8935bed-FRA
expires
Sun, 20 Mar 2022 14:31:49 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
HIT
age
1527
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TAP7D9AX42CTQWCM
x-amz-id-2
yWiQkf6i6fP7LLOyAenFd/HG+4L6aOdgW5NCjbh4tPZbMZ6HKWByoWrIYipkAdjN8x6oyYYEkno=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6ee6e9f5d8925bed-FRA
expires
Sun, 20 Mar 2022 14:31:49 GMT
dc.js
stats.g.doubleclick.net/ Frame 4078 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420768046326374?pubid=ld-2873-5284&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=1140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2841
date
Sat, 19 Mar 2022 13:44:28 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sat, 19 Mar 2022 15:44:28 GMT
dc.js
stats.g.doubleclick.net/ Frame 4000 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13420770663572070?pubid=ld-6303-9494&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2841
date
Sat, 19 Mar 2022 13:44:28 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sat, 19 Mar 2022 15:44:28 GMT
dc.js
stats.g.doubleclick.net/ Frame DBB4 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13436276233712486?pubid=ld-9325-4135&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=660
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2841
date
Sat, 19 Mar 2022 13:44:28 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sat, 19 Mar 2022 15:44:28 GMT
dc.js
stats.g.doubleclick.net/ Frame 3CD3 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13763115057895526?pubid=ld-1141-7973&pubo=https%3A%2F%2Fresistthemainstream.org&rid=&width=275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2841
date
Sat, 19 Mar 2022 13:44:28 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sat, 19 Mar 2022 15:44:28 GMT
1
servicer.mgid.com/1156929/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1156929/1?pv=5&cbuster=164770030946221904599&uniqId=0787b&childs=1225368&lct=1647388800&niet=4g&nisd=false&jsv=es6&w=1140&h=2875&maxw_6=300&maxh_6=250&cols=1&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&sessionId=6235e955-0bafb&pageView=1&pvid=17fa297758186b7af38&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b0e239f2f18ddf7e06dc64e60e3c8507180e2f8f23a7b7baebf5d5c9048efc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee6e9f6390e5bed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget-ssp-performance
c.mgid.com/ 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=133
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ee6e9f67dbb9bb9-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1149360/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1149360/1?w=660&h=309&cols=2&pv=5&cbuster=1647700309554995160540&uniqId=14d45&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&lu=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&sessionId=6235e955-0bafb&pageView=0&pvid=17fa297758186b7af38&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93bf0a1facee7ac7d79939d5e48e172080841b281de3d1a61463a7ba0fe5bbc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6ee6e9f6ba0a5bed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q0MjQyOWVkMmI0MDE5ZDFiZDgxNjZlNjQ1YzQyNTM3LmpwZWc.webp
s-img.mgid.com/g/3839412/492x277/0x20x899x599/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3839412/492x277/0x20x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2Q0MjQyOWVkMmI0MDE5ZDFiZDgxNjZlNjQ1YzQyNTM3LmpwZWc.webp?v=1647700309-JvD51MpCWgRNt_KETu53seN_QSOSUvNCISaPjuZBG_Y
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bbba8ffbd30285300e9571b23cb5c32edfc7740811f95ca28a258112fa9400

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:21 GMT
x-mg-request-uuid
9f97b9fe-1fa4-49fb-bb77-4a1b85e1511b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f7491a9b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20976
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp
s-img.mgid.com/g/3805531/492x277/0x0x1023x682/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805531/492x277/0x0x1023x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp?v=1647700309-9bPC5o7pkMGfH_IcK8e0mfsJP6nkYnlUjC8ZiwVB5Vs
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97f9639ee27e7951f93e6507ab9d203e2d003b72cfc06c6bcaffe3e8687bbc8d

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:33 GMT
x-mg-request-uuid
2de06352-24c5-4523-adfc-c7bbb484c8cc
age
75324
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f749249b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38216
server
cloudflare
i.js
cm.mgid.com/ 		0
113 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1647700309660285658135
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ee6e9f77b545bed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget-ssp-performance
c.mgid.com/ 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/widget-ssp-performance?time=198
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ee6e9f7887c9bb9-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame 6496 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1647700309693698914208
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1149360.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6ee6e9f79b955bed-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 08:57:47 GMT
server
nginx
etag
"a089-5d613d01797c6-gzip"
vary
Accept-Encoding
x-cached-since
2022-03-19T12:19:25+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
6903
expires
Sun, 19 Mar 2023 12:19:25 GMT
api.min.js
a.omappapi.com/app/js/ 		206 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
1ed4734791777f57d36844df1561b04ad78e578722c5a8ce9bc6c527efbeebbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cdn-edgestorageid
887
perma-cache
MISS
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/14/2022 17:10:38
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id
DGBKZ5TCF5Q6X9XR
x-amz-id-2
5jLwsaRKwb3PEN02Rw9zDUSEx4p8R60StS2AZWUva80TGpY853iLxzphPUXZ1bhaCAZ58WTX0O4=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 14 Mar 2022 17:10:30 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"8f989afc46a77cb9d0a03747f45683db"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control
public, max-age=31919000
cdn-requestid
c0a642c13534cb993280c581e59d27b2
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
/
resistthemainstream.org/ 		123 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resistthemainstream.org/?ajax-request=jnews
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a25d016e53a4de88e9bd730605fedb4f909561b8941d875ca5cd746bb84d0987

Request headers

Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrTf%2B4I9fn6iU1vx6THyL4W1DeJW9mowmeqSbopYLwp9YtRrKXw7g4QrsqABTJoCzoaJGqII1rRIg5m5aYRMpbPa0tlAr1EnhEVVcyFkRkLb3jBtsQc1KtSov%2BYfqva3rdA8QH6JrNtRoC9qgIjNe2uNMlrY"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
6ee6e9f7edb18fda-FRA
expires
Wed, 11 Jan 1984 05:00:00 GMT
Untitled-1-43-750x394.jpg
resistthemainstream.org/wp-content/uploads/2022/03/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/03/Untitled-1-43-750x394.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb95c23da853b70730bbdf5ed86d9d5866bc462f22a9b095d9aee824d10e0590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 18 Mar 2022 11:48:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZDJ9mzyKfVOdnee5WEXH%2BDGfb8buLGDloAfvEVzT3CArCPH%2BVZNvk7JvrlhOXFo36hdZGybIvf1mzpZYEztJQJ6zc63F2KZSy94fnoMNAl7b2ZNXDae%2BlH0v4k8RbTkpaCA51fyLEKcA2UO3ZOP1ZY05Qyx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ee6e9f7edb78fda-FRA
content-length
50107
expires
Mon, 18 Apr 2022 14:31:50 GMT
Fauci-1-1-360x180.jpg
resistthemainstream.org/wp-content/uploads/2022/03/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/03/Fauci-1-1-360x180.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d56486ef3f954d30038a0b83610e2c7ff1e4e2422f8f76d72c5a7ad652d32f85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 18 Mar 2022 21:41:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeayvgoJlJ0DvxShDvMsSQKIL4LWUo1gscTiet9XdeC0XyuOiU4qQXEgr919xduGJxHyNHTz282cVDXHDGkHJBXAMh8bl5i7d8eITY8p7C%2Fa9Havj1Y5TPz1UCk5OZudDWuwGD4hLpy0MpUETNPjb39vMO3F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ee6e9f7edb88fda-FRA
content-length
10505
expires
Mon, 18 Apr 2022 14:31:50 GMT
Fauci-3-360x180.jpg
resistthemainstream.org/wp-content/uploads/2022/03/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2022/03/Fauci-3-360x180.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354dd855e6c947e71c9b7618e4b7aa6e13592aaf01e45b17c473b604c038cf30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 16 Mar 2022 02:30:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKj4eGJAQJ2JO8LIyxy%2BNV7RHRvocc8lPkBdYfAZ33hJlWmS%2FxrvCMfQPAehubopJpCmzj%2F%2B67dcD9Bzdd8bK4SfJjE7Ul8omv9kGp9g46TCP8EfAxNzNLokPy71W6lFE8DMWwswXXNgSu7NtsRyaxl35Ghk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ee6e9f7edb98fda-FRA
content-length
11456
expires
Mon, 18 Apr 2022 14:31:50 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
age
19433835
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
irktuOP17fUQbUNi8S2UJtFEyCiPmDAw73BffBo9476zp1HiAOBX8g==
/
r.skimresources.com/api/ 		150 B
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/208598X1688373.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
6927db6c60ce2347977462f4d52edadddd2b4bada30746381a4197f4601c987b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
widget_iframe.a58e82e150afc25eb5372dd55a98b778.html
platform.twitter.com/widgets/ Frame 8C70 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fresistthemainstream.org
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
316571
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Mar 2022 14:31:49 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 16 Feb 2022 18:36:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67A7)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
udm-r3_v2.12.1.js
bid.underdog.media/ 		572 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_v2.12.1.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=17411;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3512fea879d5aa1860ff835641ac4dc5f8b9182d6f27816f95260a4d210de922

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 19:04:52 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 18:58:46 GMT
server
AmazonS3
age
329218
etag
"673179aa20ca028a26bfe867a0019f7a"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
175745
x-amz-cf-id
Imq3YViLh6KlkVzExb_SPO4SN_dh-eQ4G9gwOZAXf_32_8Xdn4MOsg==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=17411;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sat, 26 Mar 2022 14:31:49 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.6161566
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.6161566
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=2327348148020347933;cb=0.6161566
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=2327348148020347933;cb=0.6161566
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
HTTP/1.1
Server
68.71.249.118 , Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:49 GMT
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
286aa72c-5c8a-44e9-a560-89b588707805
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=2327348148020347933;cb=0.6161566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjdEQTVENDAtREQ3Ni00N0RGLUIxNEUtMjc1MTdGRTk2NDk4&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjdEQTVENDAtREQ3Ni00N0RGLUIxNEUtMjc1MTdGRTk2NDk4&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D67DA5D40-DD76-47DF-B14E-27517FE96498;cb=0.6161566
  • https://udmserve.net/udm/fetch.pix?pmid=67DA5D40-DD76-47DF-B14E-27517FE96498;cb=0.6161566
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?pmid=67DA5D40-DD76-47DF-B14E-27517FE96498;cb=0.6161566
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
HTTP/1.1
Server
68.71.249.118 , Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:52 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=67DA5D40-DD76-47DF-B14E-27517FE96498;cb=0.6161566
date
Sat, 19 Mar 2022 14:31:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
services
sync.technoratimedia.com/ 		0
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D0.6161566
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
667095657
access-control-allow-origin
https://resistthemainstream.org/
access-control-allow-credentials
true
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvYzdkZDY5MjQwN2NmMjlmO...
s-img.mgid.com/g/11533299/492x277/-/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533299/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvYzdkZDY5MjQwN2NmMjlmOWJlNDllZmVlYWJlYTVhMDEuanBlZw.webp?v=1647700309-IdLiAX5g52GxqjxhsKGpdVdi40E8dmkZW3XsB3JI6Mw
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
774a47a3274b099c44adc9b26b1dd0e70515553b36c9ae0e2012b9ec475fae5d

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:23:56 GMT
x-mg-request-uuid
a6c05070-eebd-48ca-92b6-1b97c994f74c
age
46176
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f8693f8ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9806
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvODU4YTZkM2Y4NzVhMmQ0M...
s-img.mgid.com/g/11533466/492x277/-/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533466/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvODU4YTZkM2Y4NzVhMmQ0MjYyNDA0ZjY0ZjhlZTg1MjIuanBlZw.webp?v=1647700309-8KMf-rXq6Kb24mZE8HPRfTPNQFmFUMUMe4tQEBFRqno
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da1c4f9b122553bed33f4ada4915dca3f4109a589d79b327ee4dd226d78a1fe

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:35:23 GMT
x-mg-request-uuid
80dd1754-5dfc-44ec-bf35-0816bdd614cc
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f8694e8ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11530
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzA4Zjg4MTdjZmQxNzk3N...
s-img.mgid.com/g/11533300/492x277/-/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533300/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzA4Zjg4MTdjZmQxNzk3N2NlZmIzYzEzNDlhODkxYjQuanBlZw.webp?v=1647700309-h0tNQJd0--lh90QtEm62GT64rMVNY0J2S6izAzD8kgA
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60deb0a2079173ef23e3525d66b6a0681b8305a2a699ae059c1f360bfbb882c

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:23:50 GMT
x-mg-request-uuid
050598ef-6c2d-4a62-8f1f-eff725a8ba85
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f869418ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38134
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg?v=1647700309-PIMASEcHNzsMeDiw1RuIy87CMxmd-r_G3S6T2KAG3C4
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
cf-cache-status
HIT
x-mg-request-uuid
c0472af3-7251-4ecd-be77-d8eaa1d23776
age
4601932
cf-polished
qual=85, origFmt=jpeg, origSize=41842
content-disposition
inline; filename="aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32968
last-modified
Thu, 11 Nov 2021 15:40:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f869448ffb-FRA
cf-bgj
imgq:85,h2pri
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzI5YzJmMTJhMmJhYWMxOTA2OTJjOWE3NWI3ZDM3ZWI1LmpwZz90PTE0OTc5ODEyMTMzMDg.webp
s-img.mgid.com/g/3805476/492x277/0x0x629x419/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805476/492x277/0x0x629x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzI5YzJmMTJhMmJhYWMxOTA2OTJjOWE3NWI3ZDM3ZWI1LmpwZz90PTE0OTc5ODEyMTMzMDg.webp?v=1647700309-Q8U6Slc1wz16GhcICzbK5OFpiNNElVGHAcN1alkUH1Y
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e32e5e847040d47488bb18845a0f48df86610553087c54e8acadeb81e08314

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:17 GMT
x-mg-request-uuid
4d91e568-d94d-404d-b87f-8f4d0ff3ac7b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f869478ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15702
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2MzMGIwMWVkY2MyODVjOWRiNjBmOTQ5NTVmMDg2YTdiLmpwZWc.webp
s-img.mgid.com/g/4021001/492x277/0x0x600x400/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4021001/492x277/0x0x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2MzMGIwMWVkY2MyODVjOWRiNjBmOTQ5NTVmMDg2YTdiLmpwZWc.webp?v=1647700309-_WvUsvMWAb61OOlyeTNuV4Wz3-abSFhpycKAmlnZnO0
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796cec06ffa8e443daa212746833ef3e0f04304e75edc1c3d213644bab554177

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:26 GMT
x-mg-request-uuid
854760d5-da08-4228-a779-8cf3008630e1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f869438ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29590
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp
s-img.mgid.com/g/3944304/492x277/0x0x758x505/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3944304/492x277/0x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp?v=1647700309-YFmaNm7DoeJz67B9XZGYWZ6vn1N_EmbFD31SgiCjQVY
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecbdc9f1e55d45f2d3bc54332fb50391b3a3bd543e8d8d74af48994d0a471aff

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:50:45 GMT
x-mg-request-uuid
a34a8c88-20e4-4d3f-aefd-fafc0511d61a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f869558ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20236
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzEwMTkyNC8yMDE2LTAyLTA0LzBmMjgxYWIxNzU5MWUwMTg1OTkyMzM1ZmY0ODA2MzI2LmpwZz90PTE0NTQ2MDU2NjY3MDg.webp
s-img.mgid.com/g/3805522/492x277/0x0x492x328/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805522/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzEwMTkyNC8yMDE2LTAyLTA0LzBmMjgxYWIxNzU5MWUwMTg1OTkyMzM1ZmY0ODA2MzI2LmpwZz90PTE0NTQ2MDU2NjY3MDg.webp?v=1647700309-ke8sPIiJsA3etve9yJ4P2wjIrHepDspYsl-nFOGe2uU
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4714d22cc612d556d4bd3809a0bd3c4a3f76ae00c20ae9a6430323b37715d715

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:41 GMT
x-mg-request-uuid
434f79e5-33e9-447f-bfbe-670065328b33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f869528ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20178
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp
s-img.mgid.com/g/3805581/492x277/0x205x800x533/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805581/492x277/0x205x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp?v=1647700309-SlZVC7AE7oJAi72HgI9Spny9tinyr60nbSek2Svzj80
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9008e524d312aaa432d947d596ded351c2b2f668d067d0257463d67db9b88927

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:47:08 GMT
x-mg-request-uuid
f5feeca4-866b-43e2-b9d2-88ebcc9ad5d7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f869588ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16368
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzZkZDExYzI5ZWFhNzViYmU1NTUyNWNkNzYxMTQwNWY5LmpwZWc.webp
s-img.mgid.com/g/8164859/492x277/0x0x899x599/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164859/492x277/0x0x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzZkZDExYzI5ZWFhNzViYmU1NTUyNWNkNzYxMTQwNWY5LmpwZWc.webp?v=1647700309-x1-ViJhYMgBZIpc1-he7_Wf5c92mRt-s3sPXMnZFZ2o
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16a318c490048a4287abdc72e1254aba85d3501e8d4132c13b1441e10c2302fe

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:45:33 GMT
x-mg-request-uuid
e51147bd-c77b-4c6f-ba90-e28e7cb1ef03
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f8694f8ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21326
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2UxYjE3OTQ4ZjBmNjQxNzA2NWEzYzY4OGUwZDVhYmRjLmpwZz90PTE0OTc5ODE2MzgxODc.webp
s-img.mgid.com/g/3805479/492x277/98x0x946x630/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805479/492x277/98x0x946x630/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2UxYjE3OTQ4ZjBmNjQxNzA2NWEzYzY4OGUwZDVhYmRjLmpwZz90PTE0OTc5ODE2MzgxODc.webp?v=1647700309-mwkmJbkCNP5KGKWyDia6banz79HdtdruSkoUt-JQEOE
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fe753ed066811d0f3f5cd833bca8f539641b96e5b69a07e3297557769be22c0

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:45 GMT
x-mg-request-uuid
7c3996d6-14ad-425d-8318-5f6e75010555
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f869538ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14090
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzVlOWZlMDM5Nzk1OTNlNjMxZmI4MmY5MTViN2JjMWIwLmpwZWc.webp
s-img.mgid.com/g/3944293/492x277/267x105x1349x899/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3944293/492x277/267x105x1349x899/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzVlOWZlMDM5Nzk1OTNlNjMxZmI4MmY5MTViN2JjMWIwLmpwZWc.webp?v=1647700309-h6ji1r13aYRm5TU3bYcM7x1eAYiT0W_LQXeaYKv9dac
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0c0c943bc1b57cb73f429a33eaf96c9bbd3cf4f5ae75b0dab2db289e828de0

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:09 GMT
x-mg-request-uuid
45786c68-abe4-4c88-a04b-be0771c9374d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f869548ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4562
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp
s-img.mgid.com/g/8193521/492x277/0x168x565x376/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193521/492x277/0x168x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp?v=1647700309-jI3ZiV8o05hiTgT45wR2dr6p-WbrX69tfwB9vayiPqw
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
241681b101eb2199fb6eec6d98b077310ae29cffdd85a0f6638e6cd9500bd9bb

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:51:22 GMT
x-mg-request-uuid
205909ba-12ee-4f66-b235-aabed32cab32
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f869498ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10808
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.mgid.com/g/8193504/492x277/88x0x631x420/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193504/492x277/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1647700309-ITyP5AyPvlQslObKx6DLCAiyu82p8gd1zzGPwSWkUTE
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f039602be2038e0926a327c4d74c12faa59101f87717ad7ea6f145a11c2401

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:40:58 GMT
x-mg-request-uuid
9ea6035e-ec72-4843-8773-2bba2d082105
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f8694b8ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12834
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvN2Y3MDBjNDkzMzcyOTQ4Z...
s-img.mgid.com/g/11533488/492x277/-/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533488/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvN2Y3MDBjNDkzMzcyOTQ4ZjI2YWY5MmZjNGVjMzJlNDQuanBn.webp?v=1647700309-zJEtS65fNoqUgXFvp8rexZDNEpXqZ3v5H0t85JuAYn0
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10e7a75cc8d0554fe6b4c85110fbc6c7b89cc36acd5dfc460ceb02cc23627790

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:35:43 GMT
x-mg-request-uuid
2cc31c66-b287-4613-9e1a-368e82b422b8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6ee6e9f8694d8ffb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40748
server
cloudflare
settings
syndication.twitter.com/ Frame 8C70 		293 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fresistthemainstream.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
109
date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
gzip
last-modified
Sat, 19 Mar 2022 14:31:49 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
33b9cc14c03359c664f1d2622d7359ae73b59606f8723f187265a4317d339ee9
content-length
186
mgWidget_1.11.87.es6.js
cdn.mgid.com/js/wglibs/ 		319 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.87.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/r/e/resistthemainstream.org.1156929.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
536bb1cf7e5e542325a3d7fbcd156fa3c495c47550b7709bd1962b02af0b3188

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:49 GMT
content-encoding
br
cf-cache-status
HIT
age
6745
last-modified
Wed, 16 Mar 2022 10:31:45 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0KYBDWZQJ7R3Y87D
x-amz-id-2
wYvkg8oW20CsNOUdYwcUQF/LNtI8LsA+OfX1R3XyXZLGxd7mMjgNbRWF0L80Wd1DTSK5L4qZppQ=
cf-bgj
minify
server
cloudflare
etag
W/"a682ed1108bc5c40e9be1182d3660b85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6ee6e9f87ad99bb9-FRA
expires
Sun, 20 Mar 2022 14:31:49 GMT
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ 		3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 17:35:06 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age
75404
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:04:20 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
D8a1j0ReAZ0iwNSW3rwft2CDklAxS5PrZ3NMvrFOkWm3mIrV3_VgkQ==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ 		147 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:38:02 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age
3227
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
147
last-modified
Tue, 27 Apr 2021 19:10:31 GMT
server
AmazonS3
etag
"f7c84b69d3abe411fbfc06992543fbe2"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
N1byIQ4apsEthcuAH-jW4ESczLkrxfWgB72b4a3nfOFV4Gla_mzk1g==
page
t.skimresources.com/api/v2/ 		22 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/208598X1688373.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:49 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
bcv1.js
bid.underdog.media/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/bcv1.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.12.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f3857cb96afb4e61933c6d49b2194beb393d5072cd0bcdf1bc8def1fcfdaea8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:05:15 GMT
content-encoding
gzip
last-modified
Sat, 19 Mar 2022 14:00:03 GMT
server
AmazonS3
age
1594
etag
"c2e552fb9e6df52900ff17a8863b8645"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control
max-age=1800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3748
x-amz-cf-id
fwHjK3AB8oYmbqoC0xN86Q2GJoZeUB-uyEFXoPs-XEnUeUz3ATB5iA==
rr17411v7.js
bid.underdog.media/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/rr17411v7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.12.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7dcc72730f201a750b2ea3381cdef5fabd046b7692b32fe7c43b3188100941f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:41:38 GMT
content-encoding
gzip
last-modified
Sat, 19 Mar 2022 13:30:31 GMT
server
AmazonS3
age
3012
etag
"faafad2f40d9b05309388502dbce232b"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4551
x-amz-cf-id
Sl9t5lVmLwAWnHGNEFbHi1ysW3SORC5oO6_SOG9TbFHLCx_M7mZQOQ==
img.fetch
udmserve.net/udm/ 		1 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=17411;tid=1;dt=6;gdprApplies=true;consentGiven=false;consentData=cmpMissing
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.12.1.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Connection
Keep-Alive
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length
1
Content-Type
application/x-javascript
horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
f277cc840da33f2e4731e6b3e5403d7bdcaa299304aa61452deb63e297a8523b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
2473
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:36:23 GMT
Server
ECS (frb/67F3)
Etag
"29cf2e2367fd80ea2a4908fe0d316028+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
pixel;r=834705050;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram;uht=2;fpan=1;fp...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=834705050;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram;uht=2;fpan=1;fpa=P0-788393580-1647700310015;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=resistthemainstream.org;je=0;sr=1600x1200x24;dst=0;et=1647700310015;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Plan%20to%20Re-Open%20The%20Capitol%20Revealed%20After%20Being%20Closed%20for%20Two%20Years%2Cdescription.Well%20isn't%20that%20convenient%252E%252E%252E%2Curl.https%3A%2F%2Fresistthemainstream%252Eorg%2Fplan-to-re-open-the-capitol-revealed-after-being%2Csite_name.Resist%20the%20Mainstream%2Cimage.https%3A%2F%2Fresistthemainstream%252Eorg%2Fwp-content%2Fuploads%2F2022%2F03%2FUntitled-1-43%252Ejpg%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fjpeg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=1694006519;labels=edge.1%2Csid.17411;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1694006519;labels=edge.1%2Csid.17411;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram;uht=2;fpan=0;fpa=P0-788393580-1647700310015;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=resistthemainstream.org;je=0;sr=1600x1200x24;dst=0;et=1647700310017;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Plan%20to%20Re-Open%20The%20Capitol%20Revealed%20After%20Being%20Closed%20for%20Two%20Years%2Cdescription.Well%20isn't%20that%20convenient%252E%252E%252E%2Curl.https%3A%2F%2Fresistthemainstream%252Eorg%2Fplan-to-re-open-the-capitol-revealed-after-being%2Csite_name.Resist%20the%20Mainstream%2Cimage.https%3A%2F%2Fresistthemainstream%252Eorg%2Fwp-content%2Fuploads%2F2022%2F03%2FUntitled-1-43%252Ejpg%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fjpeg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
Tweet.html
platform.twitter.com/embed/ Frame 1547 		487 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
536886986ff7dd4a2cc4ceee9e5a286cd4fa8346573a8b7564cc1293ba5ba43e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
206
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Mar 2022 14:31:50 GMT
Etag
"1ff2961abd5b04cc5e0b8c3636b3c629"
Last-Modified
Tue, 15 Mar 2022 22:32:58 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668C)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
Tweet.html
platform.twitter.com/embed/ Frame 4BE0 		487 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
536886986ff7dd4a2cc4ceee9e5a286cd4fa8346573a8b7564cc1293ba5ba43e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
702
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Mar 2022 14:31:50 GMT
Etag
"1ff2961abd5b04cc5e0b8c3636b3c629"
Last-Modified
Tue, 15 Mar 2022 22:32:58 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6725)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
jot
syndication.twitter.com/i/ 		43 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?dnt=1&l=%7B%22experiment_key%22%3A%22tfw_skeleton_loading_13398%22%2C%22bucket%22%3A%22cta%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%22item_ids%22%3A%5B%221503480795540901896%22%5D%2C%22item_details%22%3A%7B%221503480795540901896%22%3A%7B%22item_type%22%3A0%7D%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647700310040%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_skeleton_loading_13398%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
110
pragma
no-cache
last-modified
Sat, 19 Mar 2022 14:31:50 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
33b9cc14c03359c664f1d2622d7359ae73b59606f8723f187265a4317d339ee9
x-transaction
ee81a26874b8a1cf
expires
Tue, 31 Mar 1981 05:00:00 GMT
jot
syndication.twitter.com/i/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?dnt=1&l=%7B%22experiment_key%22%3A%22tfw_skeleton_loading_13398%22%2C%22bucket%22%3A%22cta%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%22item_ids%22%3A%5B%221503480797214519297%22%5D%2C%22item_details%22%3A%7B%221503480797214519297%22%3A%7B%22item_type%22%3A0%7D%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647700310040%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_skeleton_loading_13398%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
108
pragma
no-cache
last-modified
Sat, 19 Mar 2022 14:31:50 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
33b9cc14c03359c664f1d2622d7359ae73b59606f8723f187265a4317d339ee9
x-transaction
2f46fb173e4f9e71
expires
Tue, 31 Mar 1981 05:00:00 GMT
embed.runtime.6b5d3661e7231f9606f3.js
platform.twitter.com/embed/ Frame 1547 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
565b9076d7629a85fcd1ea6c5c0b2af1bf01c93777f0d6ef0c11fbacaa8e79b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
4452
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/67F3)
Etag
"4fd3e986c160013643e8bc617c599e49+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.modules.aef85bf61d706d7edafa.js
platform.twitter.com/embed/ Frame 1547 		515 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
655564f3a2be989067e2cb2c6bc9995a55ae13ec9cc0d0c3dc128961faad15e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316570
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
171389
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/673A)
Etag
"b2faf8accdee57f7929c5b7623e6e7a3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.i18n.293ca00a272b34d032a9.js
platform.twitter.com/embed/ Frame 1547 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.293ca00a272b34d032a9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
f6b352979b0153deb67020a332f179fb99a0822040de5e019af272c2920192b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
792
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/6762)
Etag
"22e04932e731bc174868c60c46980c73+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.Tweet.c31baac24debe5533d7c.js
platform.twitter.com/embed/ Frame 1547 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.c31baac24debe5533d7c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
285489efae847a15226d6c6e35a17a7ea953985b6cdd7803c6b8fba0c20ee7d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Content-Length
5529
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/67C0)
Etag
"b96eda3c68570721e8ffec6945c4166c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.runtime.6b5d3661e7231f9606f3.js
platform.twitter.com/embed/ Frame 4BE0 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
565b9076d7629a85fcd1ea6c5c0b2af1bf01c93777f0d6ef0c11fbacaa8e79b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
4452
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/67F3)
Etag
"4fd3e986c160013643e8bc617c599e49+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.modules.aef85bf61d706d7edafa.js
platform.twitter.com/embed/ Frame 4BE0 		515 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
655564f3a2be989067e2cb2c6bc9995a55ae13ec9cc0d0c3dc128961faad15e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316570
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
171389
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/673A)
Etag
"b2faf8accdee57f7929c5b7623e6e7a3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.i18n.293ca00a272b34d032a9.js
platform.twitter.com/embed/ Frame 4BE0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.293ca00a272b34d032a9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
f6b352979b0153deb67020a332f179fb99a0822040de5e019af272c2920192b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
792
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/6762)
Etag
"22e04932e731bc174868c60c46980c73+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.Tweet.c31baac24debe5533d7c.js
platform.twitter.com/embed/ Frame 4BE0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.c31baac24debe5533d7c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
285489efae847a15226d6c6e35a17a7ea953985b6cdd7803c6b8fba0c20ee7d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Content-Length
5529
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/67C0)
Etag
"b96eda3c68570721e8ffec6945c4166c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
platform.twitter.com/embed/ Frame 1547 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
0a5377eb8e83be2ee2593492f90bebbd34724ec051ef4e5332b9d4d4ea0195cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
12780
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/668C)
Etag
"620123f935ecdf8c083ef823e0eeda3d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.en-js.e84cb370ed3e40856450.js
platform.twitter.com/embed/ Frame 1547 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.en-js.e84cb370ed3e40856450.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
486bcf8532c028937fb68a57bcf22a6e0862c8e1ab157ea639979d0f7ea9b74d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Content-Length
1801
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/6727)
Etag
"668b3e5058c7ed61a38da6c433123235+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
platform.twitter.com/embed/ Frame 1547 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
790ec30d324db549e4f6f3c493251e6e7d4337f0abb13c8e8873fff8b7b235fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
1801
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/6795)
Etag
"3fa047c294a1fd7d30105f7a1e2febcc+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
5f431e98-d068-4121-80c6-6b10f6bbe34f
player.ex.co/player/ 		768 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.87.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
15bd07d469bbe71b547f41bade4956f8e2ee591240fed171cdee7bead7a11027

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
content-encoding
gzip
age
0
x-cache
HIT, HIT
access-control-max-age
600
content-length
228249
x-served-by
cache-iad-kiad7000179-IAD, cache-hhn4047-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1647700310.205966,VS0,VE100
etag
W/"bfe28-lyIqK7+z8fssnjNnUlniy0l5hP0"
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1, 1
embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
platform.twitter.com/embed/ Frame 4BE0 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
0a5377eb8e83be2ee2593492f90bebbd34724ec051ef4e5332b9d4d4ea0195cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
12780
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/668C)
Etag
"620123f935ecdf8c083ef823e0eeda3d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.en-js.e84cb370ed3e40856450.js
platform.twitter.com/embed/ Frame 4BE0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.en-js.e84cb370ed3e40856450.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6727) /
Resource Hash
486bcf8532c028937fb68a57bcf22a6e0862c8e1ab157ea639979d0f7ea9b74d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
1801
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/6727)
Etag
"668b3e5058c7ed61a38da6c433123235+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
platform.twitter.com/embed/ Frame 4BE0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
790ec30d324db549e4f6f3c493251e6e7d4337f0abb13c8e8873fff8b7b235fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Content-Length
1801
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/6795)
Etag
"3fa047c294a1fd7d30105f7a1e2febcc+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
v2gny0oMys2mog17R1IiWTUBKAGEc6ZnKRVcvTKI-uJ4VrzwlHSK5YBG5My5w6PWnd23JvXOz
fearlessfaucet.com/ 		209 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2gny0oMys2mog17R1IiWTUBKAGEc6ZnKRVcvTKI-uJ4VrzwlHSK5YBG5My5w6PWnd23JvXOz
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2fdl5ImIhc3r9VnbMUN5dbvfvvXftac9Qf8ypHfV3kgsyZTjlpn235Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
6f46e1e92fc6efecd0baf71ebccbc80c1753a2ab813ba37624b90e96325b54bc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Sat, 19 Mar 2022 14:31:50 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-kh86
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
491834569
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Sat, 19 Mar 2022 14:31:49 GMT
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js
platform.twitter.com/embed/ Frame 1547 		418 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
62e15c717c858b539583d56df60087d0f0851a69480f52e5637a50fd60d1e53e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
118888
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/67BA)
Etag
"837121804a3c0a218129592fe2f12885+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js
platform.twitter.com/embed/ Frame 1547 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
96840d8bad80f92a013bab64796aa1a29ae6f08e8b5d519e25f37877098b391d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=173
Content-Length
10666
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/6776)
Etag
"f62e0963926319acfa13d3ac4b7b0d38+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js
platform.twitter.com/embed/ Frame 1547 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
ffcca73fcf57a9104b8b1c23c45b32b01994b657acff47a8b8737a51b5049657

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
5646
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/67BC)
Etag
"4d13e6c6f6b371c7531e1f6cb42e8677+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.3debca4342f31b7db9e1.js
platform.twitter.com/embed/ Frame 1547 		57 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.3debca4342f31b7db9e1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
171b2560bfb2a27b4387a2f3c5b2454535409c0c15b6bcb084f5327ed0db2188

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480795540901896&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=2
Content-Length
13185
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/67F3)
Etag
"982e43879d90b230cc9448e954bc2cbe+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
v2pls3P7yzlOPd8MsBYDyzAE1aSBiRBY0A3H0sztaqPzH7yqkOy7uOQL5mKRe7GJyKhHJAViE
fearlessfaucet.com/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2pls3P7yzlOPd8MsBYDyzAE1aSBiRBY0A3H0sztaqPzH7yqkOy7uOQL5mKRe7GJyKhHJAViE
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2fdl5ImIhc3r9VnbMUN5dbvfvvXftac9Qf8ypHfV3kgsyZTjlpn235Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b05ce4798b8e18bb0025144c59c1d1325d349d9844ce81705d9e3a16d8bca69e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
date
Sat, 19 Mar 2022 14:31:50 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-kh86
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
491834569
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
1367
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js
platform.twitter.com/embed/ Frame 4BE0 		418 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
62e15c717c858b539583d56df60087d0f0851a69480f52e5637a50fd60d1e53e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
118888
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/67BA)
Etag
"837121804a3c0a218129592fe2f12885+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js
platform.twitter.com/embed/ Frame 4BE0 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
96840d8bad80f92a013bab64796aa1a29ae6f08e8b5d519e25f37877098b391d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=165
Content-Length
10666
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/6776)
Etag
"f62e0963926319acfa13d3ac4b7b0d38+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js
platform.twitter.com/embed/ Frame 4BE0 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
ffcca73fcf57a9104b8b1c23c45b32b01994b657acff47a8b8737a51b5049657

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
5646
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/67BC)
Etag
"4d13e6c6f6b371c7531e1f6cb42e8677+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.3debca4342f31b7db9e1.js
platform.twitter.com/embed/ Frame 4BE0 		57 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.3debca4342f31b7db9e1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) /
Resource Hash
171b2560bfb2a27b4387a2f3c5b2454535409c0c15b6bcb084f5327ed0db2188

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1503480797214519297&lang=en&origin=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F&sessionId=8a4bd90ef5b1fbc56586b018c7a93897ac9cb57f&theme=light&widgetsVersion=2582c61%3A1645036219416&width=600px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Content-Encoding
gzip
Age
316573
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
13185
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (frb/67F3)
Etag
"982e43879d90b230cc9448e954bc2cbe+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
events
prd-collector-anon.ex.co/main/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Sat, 19 Mar 2022 14:31:51 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Mar 2022 12:54:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Mar 2022 14:31:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Mar 2022 14:31:50 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 19 Mar 2022 14:36:50 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 197B 		364 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
624bb529d39e9f16e1be8aaeb07645c36c9a44f32ed2cb8f48e08657b076e68c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvX_hutG41CYO-3GkD5Vsd4Vw50LSHkfEw71HeNtkLNRflm7_XKe_hoRQUEaivKcf6NQCBK_6GNAy50_957FMk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
104648
last-modified
Thu, 17 Mar 2022 07:46:20 GMT
server
UploadServer
etag
"edfdc1c027f3005cf82800fd81f3275d"
vary
Accept-Encoding
x-goog-hash
crc32c=B5yC1g==, md5=7f3BwCfzAFz4KAD9gfMnXQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1647503180640239
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
104648
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 19 Mar 2022 14:36:50 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Sat, 19 Mar 2022 14:31:51 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1647700310485&cid=6187a5a49268ad27da7716d8&VERSION=4.136.2&AV_PAGE_LOAD_UID=a01c5e37-e242-4242-8e07-30f1543b053a&AV_CDIM4=a01c5e37-e242-4242-8e07-30f1543b053a&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.241.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-241-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/so_4/v1490095101/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.jpg
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
1bca4a705ef93f6b9bafd53dc72d65bf27043528bf4b6a3ca1221e106199dcfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:50 GMT
Cache-Tag
299890703640246977373298896385374012786,500985839247587350039760902055362878337,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
37027
X-Served-By
cache-wdc5534-WDC
Last-Modified
Wed, 26 May 2021 08:05:18 GMT
Server
cloudinary
X-Timer
S1647338313.350511,VS0,VE47
ETag
"2732577eca40b841e4df6e310613968a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31195514
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
tweet
cdn.syndication.twimg.com/ Frame 1547 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_skeleton_loading_13398%3Acta%3Btfw_space_card%3Aoff&id=1503480795540901896&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
ed32cfad367c05510973eab6fa8177438819604f254c815680d91328cdf5ae32
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"658-ggjtWWQ0r0e5wTtnHjq3vfajaRM"
x-powered-by
Express
access-control-allow-methods
GET
server-timing
"x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=164
strict-transport-security
max-age=631138519
x-xss-protection
0
x-response-time
148
server
tsa_f
x-frame-options
SAMEORIGIN
date
Sat, 19 Mar 2022 14:31:51 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
ed59381398db80641139c18faf36b54a26d1982ff22c8059502905b5c783fee0
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
tweet
cdn.syndication.twimg.com/ Frame 4BE0 		2 KB
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_skeleton_loading_13398%3Acta%3Btfw_space_card%3Aoff&id=1503480797214519297&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
79a2dbf4e2eb66acd4700aae0f79c2c1ba5d226315fdee02649cb9c974fb583a
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"65a-Q7sol99YTKN5hyLnMCyMT15GOtE"
x-powered-by
Express
access-control-allow-methods
GET
server-timing
"x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=170
strict-transport-security
max-age=631138519
x-xss-protection
0
x-response-time
155
server
tsa_f
x-frame-options
SAMEORIGIN
date
Sat, 19 Mar 2022 14:31:51 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
672d9a56448cf095cf9cf6586307b57a7a53174e89a494c33840fbd6951a2c4f
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
ModalEngage
fearlessfaucet.com/v2ijdbEvhEMkGvav4qhPIKhs6PHp_4AOomU5-sPVQ1BFjdjMcoVqOE2ccx3oGPhOdTfEx-0k/ 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2ijdbEvhEMkGvav4qhPIKhs6PHp_4AOomU5-sPVQ1BFjdjMcoVqOE2ccx3oGPhOdTfEx-0k/ModalEngage
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2fdl5ImIhc3r9VnbMUN5dbvfvvXftac9Qf8ypHfV3kgsyZTjlpn235Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4c51ec235361ffe2bec8239a632f104d53aaeedae0cd8fa6eba949f193698590
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://resistthemainstream.org/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"d0715a6599d2e542d708aba7df748b19dbcae4179e345961bd7e32f9dcd29411"
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-kh86
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
491834569
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date
Sat, 19 Mar 2022 14:31:50 GMT
signal-2021-09-28-044331_004.png
resistthemainstream.org/wp-content/uploads/2021/09/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resistthemainstream.org/wp-content/uploads/2021/09/signal-2021-09-28-044331_004.png
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39693d4392ebd1c477d05019dac27f82b2a6feabdd96a0aac472ac1284ea1329

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:51 GMT
cf-cache-status
EXPIRED
last-modified
Tue, 28 Sep 2021 02:50:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHsRlCPSiB74GS1JYuUOxDNUbr%2Ff104KsD8Wv4CV4kVlNkIBEwbuHE%2B6sEvoZ9hLQrsJCl7sTJwddE8NR%2BbkgWPZF0I4wW5mPkZy3H9Ix4ymt9EDbQ8jeJLszCaT2kvb59CDfkhisYPj3NkHs8MnPGonZfo1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=16070400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6ee6e9ff9e998fda-FRA
content-length
5322
expires
Mon, 18 Apr 2022 14:31:51 GMT
css
fonts.googleapis.com/ 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2ijdbEvhEMkGvav4qhPIKhs6PHp_4AOomU5-sPVQ1BFjdjMcoVqOE2ccx3oGPhOdTfEx-0k/ModalEngage
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71009aa13da8c6f0432a2bc73e476fe2d8b1a117e719d8214008c9a26090f7aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Mar 2022 13:49:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Mar 2022 14:31:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Mar 2022 14:31:51 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=resistthemainstream.org&sn=&cd4=a01c5e37-e242-4242-8e07-30f1543b053a&cd5=default&ic=0&tgt=0&app=&wi=679&he=383&test=&d36=6.2.6&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=6187a5a49268ad27da7716d8&stagid=&stplid=&e=inventory&vi=0&cb=1647700311059
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.241.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-241-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
premiumsrv.aniview.com/api/adserver/tag/ 		32 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.136.2&AV_PAGE_LOAD_UID=a01c5e37-e242-4242-8e07-30f1543b053a&AV_CDIM4=a01c5e37-e242-4242-8e07-30f1543b053a&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=6187a5a49268ad27da7716d8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=resistthemainstream.org&AV_DADPOS=3&d36=6.2.6&responsive=1&sver=2&avtoken=311059&AV_WIDTH=679&AV_HEIGHT=383&AV_DNT=0&cb=1647700311109
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.165.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-165-141.compute-1.amazonaws.com
Software
/
Resource Hash
f4e0407d130a8433bf9f370c0a0a35b2fec21fb0fe29f31137e42556830ad204

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 08 Mar 2022 00:45:11 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 18:02:06 GMT
x-content-type-options
nosniff
age
246585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:39:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Mar 2023 18:02:06 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
50fd1b0192e22f68957f2f557255fc06d698bfd8bfa8e168596f443e5b5831f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Tag
299890703640246977373298896385374012786,394554537382471183304184472313687845759,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1127
X-Served-By
cache-wdc5535-WDC
Last-Modified
Wed, 09 Jun 2021 05:29:07 GMT
Server
cloudinary
X-Timer
S1638941994.177004,VS0,VE0
ETag
"a42c7ae8b866ad428f953d7bc38769d0"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22799323
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
jot
syndication.twitter.com/i/ Frame 1547 		43 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647700311167%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b82980d95a44a%3A1646854163148%22%2C%22item_ids%22%3A%5B%221503480795540901896%22%5D%2C%22item_details%22%3A%7B%221503480795540901896%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
108
pragma
no-cache
last-modified
Sat, 19 Mar 2022 14:31:51 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
33b9cc14c03359c664f1d2622d7359ae73b59606f8723f187265a4317d339ee9
x-transaction
3f5634afe2ba2db8
expires
Tue, 31 Mar 1981 05:00:00 GMT
jot
syndication.twitter.com/i/ Frame 1547 		43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647700311168%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b82980d95a44a%3A1646854163148%22%2C%22item_ids%22%3A%5B%221503480795540901896%22%5D%2C%22item_details%22%3A%7B%221503480795540901896%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A839.8999996185303%7D&dnt=1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
109
pragma
no-cache
last-modified
Sat, 19 Mar 2022 14:31:51 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
33b9cc14c03359c664f1d2622d7359ae73b59606f8723f187265a4317d339ee9
x-transaction
772daf9b6daf127c
expires
Tue, 31 Mar 1981 05:00:00 GMT
jot
syndication.twitter.com/i/ Frame 4BE0 		43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647700311191%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b82980d95a44a%3A1646854163148%22%2C%22item_ids%22%3A%5B%221503480797214519297%22%5D%2C%22item_details%22%3A%7B%221503480797214519297%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
109
pragma
no-cache
last-modified
Sat, 19 Mar 2022 14:31:51 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
33b9cc14c03359c664f1d2622d7359ae73b59606f8723f187265a4317d339ee9
x-transaction
10a93ec229dc477e
expires
Tue, 31 Mar 1981 05:00:00 GMT
jot
syndication.twitter.com/i/ Frame 4BE0 		43 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647700311192%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b82980d95a44a%3A1646854163148%22%2C%22item_ids%22%3A%5B%221503480797214519297%22%5D%2C%22item_details%22%3A%7B%221503480797214519297%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A839.6000003814697%7D&dnt=1
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
112
pragma
no-cache
last-modified
Sat, 19 Mar 2022 14:31:51 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
33b9cc14c03359c664f1d2622d7359ae73b59606f8723f187265a4317d339ee9
x-transaction
949d583892a647e5
expires
Tue, 31 Mar 1981 05:00:00 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3fd866705913987f41eae0cd3122f984656896b60daf4385f99ed0e356978e33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Tag
299890703640246977373298896385374012786,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1331
X-Served-By
cache-wdc5537-WDC
Last-Modified
Fri, 28 May 2021 02:55:25 GMT
Server
cloudinary
X-Timer
S1638944855.651350,VS0,VE1
ETag
"b87901333b21d30f970a9d9982f6400d"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22802130
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
v2gny0oMys2mog17R1IiWTUBKAGEc6ZnKRVcvTKI-uJ4VrzwlHSK5YBG5My5w6PWnd23JvXOz
fearlessfaucet.com/ 		196 B
280 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fearlessfaucet.com/v2gny0oMys2mog17R1IiWTUBKAGEc6ZnKRVcvTKI-uJ4VrzwlHSK5YBG5My5w6PWnd23JvXOz
Requested by
Host: fearlessfaucet.com
URL: https://fearlessfaucet.com/v2fdl5ImIhc3r9VnbMUN5dbvfvvXftac9Qf8ypHfV3kgsyZTjlpn235Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
199.62.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7a0280668b97265f29b47011937c02e67dd6018f7e4cf6694f6dc665d289b4ed
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
access-control-allow-methods
POST, OPTIONS
x-datacenter
gce-europe-west1
date
Sat, 19 Mar 2022 14:31:51 GMT
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-kh86
content-type
application/json; charset=utf-8
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-buildnumber
491834569
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
196
expires
Sat, 19 Mar 2022 14:31:50 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/ 		114 KB
115 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
bc871abfceed2f798929653305bcf0c2997c58d7f4f2e86afa881927900d2eb6

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-116747

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Tag
299890703640246977373298896385374012786,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-116747/913116
Connection
keep-alive
Content-Length
116748
X-Served-By
cache-wdc5574-WDC
Last-Modified
Fri, 28 May 2021 02:55:25 GMT
Server
cloudinary
X-Timer
S1638944740.502891,VS0,VE1
ETag
"a7d8f4b80d06c540ff9289b382f53422"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22801979
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
456d1189-0c1f-4376-a39b-d4a756de6536
https://resistthemainstream.org/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://resistthemainstream.org/456d1189-0c1f-4376-a39b-d4a756de6536
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
07b28c082dd42dd5f74447cf4d9351338f6c1e81984a42989fe3978d699af694

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Tag
299890703640246977373298896385374012786,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1342
X-Served-By
cache-wdc5537-WDC
Last-Modified
Fri, 28 May 2021 02:55:30 GMT
Server
cloudinary
X-Timer
S1638944911.520939,VS0,VE1
ETag
"61fce59e82eca3dfbd97c9bb6ec77a6d"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22802148
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		199 KB
199 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
80e7ae17ac456d2b2cc8d8e5b0d34085903b49ba27050029d81938b8d3a9b5ce

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-203415

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-203415/1551376
Connection
keep-alive
Content-Length
203416
X-Served-By
cache-wdc5537-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944800.999030,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22802153
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		121 KB
122 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
8a6e2d4bbbe4f00b6a81ab036c29d0471f1755d4bf48285c433ec79ad3c0b132

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=203416-327683

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 203416-327683/1551376
Connection
keep-alive
Content-Length
124268
X-Served-By
cache-wdc5537-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944800.999030,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22802153
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://resistthemainstream.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
329522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 18:59:49 GMT
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Sat, 19 Mar 2022 14:31:51 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		168 KB
168 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
fc19d2f154f953b4c51b865cec0bb6aebd2e149ea59b98354c19f2cfe8759ad2

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=327684-499327

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 327684-499327/1551376
Connection
keep-alive
Content-Length
171644
X-Served-By
cache-wdc5537-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944800.999030,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22802153
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B732 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=58611
expires
Sun, 20 Mar 2022 06:48:42 GMT
date
Sat, 19 Mar 2022 14:31:51 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 8D2D
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7e420e0c7988b6c43e5748792096a2e865533f5b2ee905c4b5fc6eac7633cb9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|45|39|57|156|13|218
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:51 GMT
Content-Length
1803
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:51 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame DD98
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 19 Mar 2022 14:31:51 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
date
Sat, 19 Mar 2022 14:31:51 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
pixel
ap.lijit.com/ Frame CAB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
X-Sovrn-Pod
ad_ap1ams1
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Sat, 19 Mar 2022 14:31:51 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb4.js
player.aniview.com/script/6.1/ Frame 197B 		352 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb4.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
854a441c2debc6a2b76c243d59d6b5b5de2271eeb3c504bb51cb2f05a6736f16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:51 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduLfYLoR4HNQRkngMz76SufwCf5Bu1_zcFDFbqmnp3YPPx5-g_9xMmT-RXgy_ixTyZ_LnUGTms1YjJmSNGki5DiN5pcwQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
108168
last-modified
Tue, 15 Mar 2022 06:30:29 GMT
server
UploadServer
etag
"3cef7c5304a6ef97d74168fb793b7c3c"
vary
Accept-Encoding
x-goog-hash
crc32c=hNbHAQ==, md5=PO98UwSm75fXQWj7eTt8PA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1647325829409155
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
108168
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 19 Mar 2022 14:36:51 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=10947&t=1647700311&cip=185.213.155.164&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1647700311369-970019729674-006807-000-007304&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=44416157044&cd4=a01c5e37-e242-4242-8e07-30f1543b053a&cd5=default&cd1=4.136.2&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=request&cb=1647700311454&asid=60ebfe94ebe867570438e997%2C5fbe1a1fd09dbe29472667bb%2C59f5f23628a0612040036b8f%2C5e1b272e28a06142643c20cd%2C5fbe5add3443ef680f0480d7%2C5c5a9a6228a0617b9619af99%2C60c60c3b1731ed2b383f0908%2C604e0bb1f199b154cc115338%2C6187a5a23223786bb66bb49e%2C5ee3d57071193a26344a4076%2C6187a5a2beecd3492774a80b%2C60ebfe86a4a7792110515aa4%2C6187a5a2f2ea41121e3cbd26&ofpr=%2C4%2C3%2C2.25%2C%2C2%2C%2C2%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: resistthemainstream.org
URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.241.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-241-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&w=679&h=383&cbb=7700311452
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:51 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&w=679&h=383&cbb=7700311452
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:51 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Sat, 19 Mar 2022 14:31:53 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.111.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-111-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a6a93c7976009eacd3cf47337bb7dc58b296dd975117c66b955896ea553c8c0e

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:51 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.111.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-111-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
577b14e66de3298bc80a169b516aa722aff525c8ee54a73fa8f2212560c6a645

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:51 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.111.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-111-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
131c437397cd4ee2123047ad2be0b556fc702ce15f7c3cd8a5fe2400bf4f769a

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:51 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
mvo
tag.1rx.io/rmp/203144/0/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=6.11,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
pragma
no-cache
date
Sat, 19 Mar 2022 14:31:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
usync.js
eus.rubiconproject.com/ Frame DD98 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=63739
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Sun, 20 Mar 2022 08:14:10 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B732 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65883692&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:50 GMT
content-length
0
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		142 KB
142 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
320f9c10b94c5fd531ca60c0fae62fbb1fa70712e1a9caf5d8f37a3a79d3e7ca

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=499328-644463

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 499328-644463/1551376
Connection
keep-alive
Content-Length
145136
X-Served-By
cache-wdc5537-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944800.999030,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22802153
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
khaos.jpg
token.rubiconproject.com/ Frame DD98 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
pixel
cm.g.doubleclick.net/ Frame 8D2D 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjXpV2LU7V7YMkcDy3QF8AAABKEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8D2D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjXpV2LU7V7YMkcDy3QF8AAABKEAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjXpV2LU7V7YMkcDy3QF8AAABKEAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjXpV2LU7V7YMkcDy3QF8AAABKEAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:52 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MNXWB2ZJ81JYX3K8VXET
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:51 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JHN2YEJDW8A46SMB6AEN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YjXpV2LU7V7YMkcDy3QF8AAABKEAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8D2D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjXpV2LU7V7YMkcDy3QF8AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELmvFSVPisJD8JHvOaCWurw&google_cver=1&gdpr=1
43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELmvFSVPisJD8JHvOaCWurw&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Mar 2022 14:31:51 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELmvFSVPisJD8JHvOaCWurw&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8D2D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 8D2D
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336720005317206
43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336720005317206
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Mar 2022 14:31:51 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5142336720005317206
Date
Sat, 19 Mar 2022 14:31:51 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesync
bttrack.com/pixel/ Frame 8D2D 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:51 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
crum
dsum-sec.casalemedia.com/ Frame 8D2D
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-29-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:51 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 19 Mar 2022 14:31:51 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Sat, 19 Mar 2022 14:31:51 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
ibs:dpid=23728&dpuuid=YjXpV2LU7V7YMkcDy3QF8AAA%261185
dpm.demdex.net/ Frame 8D2D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YjXpV2LU7V7YMkcDy3QF8AAA%261185?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.228.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-228-167.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
cookiesyncendpoint
sync.aniview.com/ Frame 8D2D 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1647700311369-970019729674-006807-000-007304&biddername=42&key=YjXpV2LU7V7YMkcDy3QF8AAA%261185
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1647700311369-970019729674-006807-000-007304%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.101.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-101-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:51 GMT
content-length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame DD98 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Content-Type
image/gif
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		125 KB
126 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
db720757cace02ecc1e88d824648d67676e1e25ce8a7cb00a65c7c5ba89e4661

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=644464-772679

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 644464-772679/1551376
Connection
keep-alive
Content-Length
128216
X-Served-By
cache-wdc5537-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944800.999030,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22802153
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		147 KB
148 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3093b0c5dc79ef06886e2ddd238e466e2b43d35e5aeca027ae47f6c4fe003451

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=772680-923455

Response headers

Date
Sat, 19 Mar 2022 14:31:51 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 772680-923455/1551376
Connection
keep-alive
Content-Length
150776
X-Served-By
cache-wdc5537-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944800.999030,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22802153
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=10947&t=1647700311&cip=185.213.155.164&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1647700311369-970019729674-006807-000-007304&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=44416157044&cd4=a01c5e37-e242-4242-8e07-30f1543b053a&cd5=default&cd1=4.136.2&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=bid&cb=1647700313016&asid=60ebfe94ebe867570438e997%2C6187a5a23223786bb66bb49e%2C5ee3d57071193a26344a4076%2C6187a5a2beecd3492774a80b%2C60ebfe86a4a7792110515aa4%2C6187a5a2f2ea41121e3cbd26&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.241.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-241-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 197B 		371 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
215667f9e3ec661991bab882d051bde245e642548a5b25b7a8500a67c28dcf50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126232
x-xss-protection
0
expires
Sat, 19 Mar 2022 14:31:53 GMT
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame BCFE 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
238718
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 197B 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Mar 2022 14:31:54 GMT
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame D0C9 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
238718
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame B6E7 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
238718
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame 8BCF 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
238718
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame E394 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
238718
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame 197B 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 14:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 857F 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Mar 2022 14:34:53 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 31C3 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Mar 2022 14:34:53 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E58E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Mar 2022 14:34:53 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CCB2 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Mar 2022 14:34:53 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C26E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Mar 2022 14:34:53 GMT
371.json
id5-sync.com/g/v2/ 		213 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.231 , France, ASN16276 (OVH, FR),
Reverse DNS
p35.id5-sync.com
Software
/
Resource Hash
0f109a1c51496fb3a941944e895c9eb64311bbd9e356018796933e568824cff2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://resistthemainstream.org
Date
Sat, 19 Mar 2022 14:31:52 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C988 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=58609
expires
Sun, 20 Mar 2022 06:48:42 GMT
date
Sat, 19 Mar 2022 14:31:53 GMT
vary
Accept-Encoding
ads
pubads.g.doubleclick.net/gampad/ Frame 8BCF 		2 KB
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_9&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=2042226922304316&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2758553450&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&nel=0&eid=44737475%2C44754420%2C44758374&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=1647700313922&cookie_enabled=1&scor=329149102197226&ged=ve4_td4_er4061.320.4213.620_vi0.0.1200.1600_vp0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
cfc33a6f458e2330b1cfe0aa817c2e6c5e4511204f285d032f9f5dca30e05946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
873
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D0C9 		2 KB
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=4141617996097388&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2179158817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&nel=0&eid=44737475%2C44754420%2C44758374&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=1647700313936&cookie_enabled=1&scor=1107043893697041&ged=ve4_td4_er4061.320.4213.620_vi0.0.1200.1600_vp0_ts0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
82ab57a55e312cd05a7f6566942c70ed84845f383d7dd7a5b02a4b0e4a8a8f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
876
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame BCFE 		156 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1147316625754851&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3721417804&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&nel=0&eid=44737475%2C44754420%2C44758374&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=1647700313941&cookie_enabled=1&scor=1106249703690856&ged=ve4_td4_er4061.320.4213.620_vi0.0.1200.1600_vp0_ts0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E394 		2 KB
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=2183322735655223&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2376058707&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&nel=0&eid=44737475%2C44754420%2C44758374&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=1647700313945&cookie_enabled=1&scor=1197633876649260&ged=ve4_td4_er4061.320.4213.620_vi0.0.1200.1600_vp0_ts0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3898ac66217dc0171824b3dcf84127506d9f2bd6dff092424035a7e203c50eec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
876
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame B6E7 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3246354673206899&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1166742729&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&nel=0&eid=44737475%2C44754420%2C44758374&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=1647700313949&cookie_enabled=1&scor=3648939729246318&ged=ve4_td4_er4061.320.4213.620_vi0.0.1200.1600_vp0_ts0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=10947&t=1647700311&cip=185.213.155.164&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1647700311369-970019729674-006807-000-007304&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=44416157044&cd4=a01c5e37-e242-4242-8e07-30f1543b053a&cd5=default&cd1=4.136.2&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.69.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-69-20.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 19 Mar 2022 14:31:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame D0C9 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_3&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dresistthemainstream.org&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&adk=2179158817&cookie_enabled=1&correlator=4141617996097388&dt=1647700314427&ged=ve4_td4_tt0_pd4_la4000_er4061.320.4444.999_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&npa=false&omid_p=Google1%2Fh.3.505.0&osd=2&scor=1107043893697041&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vis=1&u_so=l&eid=44737475%2C44754420%2C44758374&hl=en&frm=0&sdki=44d&sdkv=h.3.505.0&sdr=1&vid_d=43&nel=0&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&cnc=22431668266&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		127 KB
128 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
20d39c4e213e747dee4aa55bf503a5eff52c1d294ac947a97742c25fae160730

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=923456-1053927

Response headers

Date
Sat, 19 Mar 2022 14:31:54 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 923456-1053927/1551376
Connection
keep-alive
Content-Length
130472
X-Served-By
cache-wdc5537-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944800.999030,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22802150
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame 5F3A 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
238719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame 197B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 14:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4991 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Mar 2022 14:34:53 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 8BCF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_9&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dresistthemainstream.org&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&adk=2758553450&cookie_enabled=1&correlator=2042226922304316&dt=1647700314761&ged=ve4_td5_tt1_pd5_la5000_er4061.320.4444.999_vi0.0.1200.1600_vp0_ts1_eb16491&is_amp=0&npa=false&omid_p=Google1%2Fh.3.505.0&osd=2&scor=329149102197226&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vis=1&u_so=l&eid=44737475%2C44754420%2C44758374&hl=en&frm=0&sdki=44d&sdkv=h.3.505.0&sdr=1&vid_d=43&nel=0&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&cnc=22431668266&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 5F3A 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_450&description_url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3580637681125670&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=807932265&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&nel=0&eid=44737475%2C44754420%2C44758374&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=1647700314864&cookie_enabled=1&scor=4136245307092992&ged=ve4_td5_tt1_pd5_la5000_er4061.320.4213.620_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E394 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_5&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dresistthemainstream.org&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&adk=2376058707&cookie_enabled=1&correlator=2183322735655223&dt=1647700315016&ged=ve4_td5_tt1_pd5_la5000_er4061.320.4444.999_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&npa=false&omid_p=Google1%2Fh.3.505.0&osd=2&scor=1197633876649260&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vis=1&u_so=l&eid=44737475%2C44754420%2C44758374&hl=en&frm=0&sdki=44d&sdkv=h.3.505.0&sdr=1&vid_d=43&nel=0&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&cnc=22431668266&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C988 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29373664&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ecb03b6976832980c115d41b0627ad23d53d86bcb8c6e7135d86e2caddcc0062

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame AA59
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=67DA5D40-DD76-47DF-B14E-27517FE96498
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=67DA5D40-DD76-47DF-B14E-27517FE96498
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=67DA5D40-DD76-47DF-B14E-27517FE96498
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 19 Mar 2022 14:31:56 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sat, 19 Mar 2022 14:31:56 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=67DA5D40-DD76-47DF-B14E-27517FE96498
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 842B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e34d6235-e95e-4f00-b2f3-acb372b16986&gdpr=0&gdpr_consent=
42 B
598 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e34d6235-e95e-4f00-b2f3-acb372b16986&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 19 Mar 2022 09:09:47 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0023:0:380
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Sat, 19 Mar 2022 14:31:58 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4256 109297d master hkg-pixel-x7 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e34d6235-e95e-4f00-b2f3-acb372b16986&gdpr=0&gdpr_consent=
Expires
Sat, 19 Mar 2022 14:31:57 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9357
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3563802131417035447
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3563802131417035447
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 19 Mar 2022 14:31:56 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug016:0:340
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3563802131417035447
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 2933 		43 B
364 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Sat, 19 Mar 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1013547
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame FB1C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7076818970845575319
42 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7076818970845575319
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 19 Mar 2022 14:31:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug015:0:558
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 19 Mar 2022 14:31:56 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7076818970845575319
Pug
simage2.pubmatic.com/AdServer/ Frame 8940
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjXpXAAON3j-zQAy&gdpr=0&gdpr_consent=&_test=YjXpXAAON3j-zQAy
1 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjXpXAAON3j-zQAy&gdpr=0&gdpr_consent=&_test=YjXpXAAON3j-zQAy
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 19 Mar 2022 14:31:56 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug018:0:519
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjXpXAAON3j-zQAy&gdpr=0&gdpr_consent=&_test=YjXpXAAON3j-zQAy
accept-ranges
bytes
date
Sat, 19 Mar 2022 14:31:56 GMT
via
1.1 varnish
x-served-by
cache-hhn4039-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1647700317.705884,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
redir
rtb-csync.smartadserver.com/ Frame B85B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGT00wN0VhOU1BQURJZW03VzRDUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFOM07Ea9MAADIem7W4CQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFOM07Ea9MAADIem7W4CQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFOM07Ea9MAADIem7W4CQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFOM07Ea9MAADIem7W4CQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.114 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-type
image/gif
date
Sat, 19 Mar 2022 14:31:56 GMT
transfer-encoding
chunked

Redirect headers

Date
Sat, 19 Mar 2022 14:31:57 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFOM07Ea9MAADIem7W4CQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 2CD6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0jWVwq5ARcVoeCuCzdMiwLnVm6Q
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0jWVwq5ARcVoeCuCzdMiwLnVm6Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 19 Mar 2022 14:31:56 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug016:0:301
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Sat, 19 Mar 2022 14:31:56 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=0jWVwq5ARcVoeCuCzdMiwLnVm6Q
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame CCC2
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 19 Mar 2022 14:31:55 GMT
content-type
text/html; charset=utf-8
x-lat
amspug016:2:205
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Sat, 19 Mar 2022 14:31:56 GMT
server
_
i.match
s.tribalfusion.com/z/ Frame 2906
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ee6ea23de9a90e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sat, 19 Mar 2022 14:31:56 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
178
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ee6ea22cc9690e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pub
matching.truffle.bid/sync/ Frame C29A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.54.172 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx/1.21.4
Date
Sat, 19 Mar 2022 14:31:56 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 1784 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
komodo-0b0578c1318e@version_1.387v2
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Sat, 19 Mar 2022 14:31:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 580C
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1647700316626
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4283574749
  • https://sync.1rx.io/usersync/tradedesk/31953ae0-5185-4079-bbe2-4ce0b15e88ab
  • https://sync.targeting.unrulymedia.com/csync/RX-5e95c069-10fb-4a79-afb9-13f03f3c1f64-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5e95c069-10fb-4a79-afb9-13f03f3c1f64-003
42 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5e95c069-10fb-4a79-afb9-13f03f3c1f64-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sat, 19 Mar 2022 08:15:11 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug0022:0:416
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sat, 19 Mar 2022 14:31:56 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5e95c069-10fb-4a79-afb9-13f03f3c1f64-003
etag
RX5e95c06910fb4a79afb913f03f3c1f64003
bridge
cm.adgrx.com/ Frame AECE 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 19 Mar 2022 14:31:56 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-7
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
dpe
ad4m.at/ad/ Frame F669 		15 B
891 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
max-age=43200, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
age
1558430
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6ee6ea22e86691d7-FRA
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame B903
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8f633365-f17b-4e6a-8831-50662e2916e5-tuct92f6edc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8f633365-f17b-4e6a-8831-50662e2916e5-tuct92f6edc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sat, 19 Mar 2022 14:31:56 GMT
via
1.1 varnish
x-served-by
cache-hhn4047-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1647700317.668473,VS0,VE9
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8f633365-f17b-4e6a-8831-50662e2916e5-tuct92f6edc&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sat, 19 Mar 2022 14:31:56 GMT
via
1.1 varnish
x-served-by
cache-hhn4074-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1647700317.623414,VS0,VE9
x-vcl-time-ms
9
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C988
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Z9pdQN12R9-xTidRf-lkmA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=58606
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sun, 20 Mar 2022 06:48:42 GMT

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9afe6235-e95e-4400-a6df-ff2c374626f8
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9afe6235-e95e-4400-a6df-ff2c374626f8
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 19 Mar 2022 14:31:57 GMT
Server
MT3 4256 109297d master hkg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9afe6235-e95e-4400-a6df-ff2c374626f8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 19 Mar 2022 14:31:56 GMT
mw
mwzeom.zeotap.com/ Frame C988
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=67DA5D40-DD76-47DF-B14E-27517FE96498
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=31953ae0-5185-4079-bbe2-4ce0b15e88ab&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=4c2b2a0b78e874e5
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1dd87566-2a2c-4d66-7855-ed1de346e481&reqId=e10e831e-f44f-492d-575d-f6bae6bb635c&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEPCYI_yU5Tq1iLEJhoraVwo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1dd87566-2a2c-4d66-7855-ed1de346e481&reqId=e10e831e-f44f-492d-575d-f6b...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEPCYI_yU5Tq1iLEJhoraVwo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1dd87566-2a2c-4d66-7855-ed1de346e481&reqId=e10e831e-f44f-492d-575d-f6bae6bb635c&zcluid=4c2b2a0b78e874e5&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1957 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6ee6ea249d2c5c38-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEPCYI_yU5Tq1iLEJhoraVwo&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1dd87566-2a2c-4d66-7855-ed1de346e481&reqId=e10e831e-f44f-492d-575d-f6bae6bb635c&zcluid=4c2b2a0b78e874e5&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIhPdurd_dfXB-1uRJncbDg&google_cver=1
42 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIhPdurd_dfXB-1uRJncbDg&google_cver=1
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:502
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIhPdurd_dfXB-1uRJncbDg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C988 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 18 Mar 2022 14:31:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5007390519281441664
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5007390519281441664
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:625
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:56 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5007390519281441664
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=31953ae0-5185-4079-bbe2-4ce0b15e88ab
42 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=31953ae0-5185-4079-bbe2-4ce0b15e88ab
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:928
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=31953ae0-5185-4079-bbe2-4ce0b15e88ab
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2327348148020347933&gdpr=0&gdpr_consent=
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2327348148020347933&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:402
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:56 GMT
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
42a946ab-cf0a-4d34-942e-3861d6190297
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2327348148020347933&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dcq7RybBvURuyL5AJ56lQyWZu0RunLFFcci70nN2
42 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dcq7RybBvURuyL5AJ56lQyWZu0RunLFFcci70nN2
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:426
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dcq7RybBvURuyL5AJ56lQyWZu0RunLFFcci70nN2
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
67DA5D40-DD76-47DF-B14E-27517FE96498
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C988 		43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/67DA5D40-DD76-47DF-B14E-27517FE96498?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:1ccc:1602:f60c:87b8 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:57 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=67DA5D40-DD76-47DF-B14E-27517FE96498&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=67DA5D40-DD76-47DF-B14E-27517FE96498&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9RzZnQBE2uW0feVRbAGD.k8OIB2R2AI-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9RzZnQBE2uW0feVRbAGD.k8OIB2R2AI-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:19:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9RzZnQBE2uW0feVRbAGD.k8OIB2R2AI-~A&gdpr=0&gdpr_consent=
date
Sat, 19 Mar 2022 14:31:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=a0402443-f02d-4ad4-b449-5cc48fafe3cd
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_uid=a0402443-f02d-4ad4-b449-5cc48fafe3cd
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=23c536e0-7ccb-4d4a-b1f5-833ff83ce1a4&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a0402443-f02d-4ad4-b449-5cc48fafe3cd&gdpr=&gdpr_consent=&gdpr_pd=
1 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a0402443-f02d-4ad4-b449-5cc48fafe3cd&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 08:11:23 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:405
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a0402443-f02d-4ad4-b449-5cc48fafe3cd&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 19 Mar 2022 14:31:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:489fe1a1-c7df-4bed-b3e7-f7f319e2d21c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:489fe1a1-c7df-4bed-b3e7-f7f319e2d21c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:372
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:489fe1a1-c7df-4bed-b3e7-f7f319e2d21c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 19 Mar 2022 14:31:56 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8644512593635429044&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8644512593635429044&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:55 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:556
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8644512593635429044&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 19 Mar 2022 14:31:56 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame C988 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=67DA5D40-DD76-47DF-B14E-27517FE96498&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:56 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2327348148020347933
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2327348148020347933
Protocol
H2
Server
185.64.189.110 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:264
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 19 Mar 2022 14:31:56 GMT
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ac1ee893-db93-4476-af5f-4d10c56708b1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2327348148020347933
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C988
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:56 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:420
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:56 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame C988 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.89.136 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:56 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MHSJPPB6JE&gtm=2oe3e0&_p=1386409109&sr=1600x1200&ul=en-us&cid=1375555129.1647700308&_s=2&dl=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=Plan%20to%20Re-Open%20The%20Capitol%20Revealed%20After%20Being%20Closed%20for%20Two%20Years&sid=1647700307&sct=1&seg=0&en=scroll&_et=4342&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MHSJPPB6JE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/ 		184 KB
184 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1608312869/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
e249689202d578760f311db8af1646c07100fa7fbcf73b82e229813efd14813a

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=1053928-1241927

Response headers

Date
Sat, 19 Mar 2022 14:31:58 GMT
Cache-Tag
299890703640246977373298896385374012786,233322687990412021556170905870126409175,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1053928-1241927/1551376
Connection
keep-alive
Content-Length
188000
X-Served-By
cache-wdc5537-WDC
Last-Modified
Wed, 26 May 2021 04:26:17 GMT
Server
cloudinary
X-Timer
S1638944800.999030,VS0,VE0
ETag
"66e1730abb08340cae5f745a9b2d0b31"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=22802146
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
prd-collector-anon.ex.co/main/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/5f431e98-d068-4121-80c6-6b10f6bbe34f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://resistthemainstream.org
date
Sat, 19 Mar 2022 14:31:58 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1647700318485&cid=6187a5a49268ad27da7716d8&VERSION=4.136.2&AV_PAGE_LOAD_UID=a01c5e37-e242-4242-8e07-30f1543b053a&AV_CDIM4=a01c5e37-e242-4242-8e07-30f1543b053a&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.241.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-241-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
c.mgid.com/vs/ 		43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=601&iid=1156929&e=load&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%224ff2e7a7-a791-11ec-aed4-e43d1a2a53a0%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Referral%22%2C%22ts%22%3A%22telegram%22%7D&t=0&c=48428&h=_DBqIA2aw-DtZtrXJ0XoZ2_MHmXami5An1IhDh5Ltfw32R52ST_rn9bv_HGXLxK5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:31:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ee6ea2e9bbe9bb9-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgPlayer_v2_sprite.svg
video-native.mgid.com/mgPlayer/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video-native.mgid.com/mgPlayer/img/mgPlayer_v2_sprite.svg
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e59c0f735471d90ea02234c6d94ee8fb9033ddd50f3f6b50ecf238dba336b842

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sat, 19 Mar 2022 14:31:58 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 14:37:30 GMT
server
nginx
etag
"c1c-5c6897a74212b-gzip"
vary
Accept-Encoding
x-cached-since
2022-03-04T20:36:07+00:00
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
1154
expires
Sat, 04 Mar 2023 20:36:07 GMT
landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/so_4/v1490095101/landscape21549519-b2a1-412c-b650-b1b8ec7f270e_1608312733579.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.104.52.26 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-104-52-26.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
1bca4a705ef93f6b9bafd53dc72d65bf27043528bf4b6a3ca1221e106199dcfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 19 Mar 2022 14:31:58 GMT
Cache-Tag
299890703640246977373298896385374012786,500985839247587350039760902055362878337,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
37027
X-Served-By
cache-wdc5534-WDC
Last-Modified
Wed, 26 May 2021 08:05:18 GMT
Server
cloudinary
X-Timer
S1647338313.350511,VS0,VE47
ETag
"2732577eca40b841e4df6e310613968a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31195506
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
SPug
simage4.pubmatic.com/AdServer/ Frame C988 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158901&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:31:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=10947&t=1647700311&cip=185.213.155.164&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1647700311369-970019729674-006807-000-007304&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=44416157044&cd4=a01c5e37-e242-4242-8e07-30f1543b053a&cd5=default&cd1=4.136.2&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.69.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-69-20.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 19 Mar 2022 14:31:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=10947&t=1647700311&cip=185.213.155.164&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1647700311369-970019729674-006807-000-007304&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=44416157044&cd4=a01c5e37-e242-4242-8e07-30f1543b053a&cd5=default&cd1=4.136.2&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=request&cb=1647700320296&asid=5fbe5add3443ef680f0480d7%2C60ebfe94ebe867570438e997%2C5e1b272e28a06142643c20cd%2C6187a5a23223786bb66bb49e%2C604e0bb1f199b154cc115338%2C60c60c3b1731ed2b383f0908%2C5c5a9a6228a0617b9619af99%2C60ebfe86a4a7792110515aa4%2C6187a5a2f2ea41121e3cbd26%2C6187a5a2beecd3492774a80b&ofpr=%2C%2C2.25%2C%2C2%2C%2C2%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.241.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-241-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:32:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&w=679&h=383&cbb=7700320294
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:32:00 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&w=679&h=383&cbb=7700320296
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:32:00 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://resistthemainstream.org
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.111.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-111-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e526629498fd0346097685edb47433f590f0b26647ca359eb111cf0f6dd44fe7

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:32:00 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.111.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-111-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e222a2eda8e63edd686ca417a1a32504ffcd5d74fcaa062a641795ed2b33616f

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Mar 2022 14:32:00 GMT
content-encoding
gzip
x-prebid
pbs-java/1.84.0
content-type
application/json
access-control-allow-origin
https://resistthemainstream.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
mvo
tag.1rx.io/rmp/203144/0/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=6.11,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://resistthemainstream.org
pragma
no-cache
date
Sat, 19 Mar 2022 14:32:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=10947&t=1647700311&cip=185.213.155.164&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1647700311369-970019729674-006807-000-007304&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=44416157044&cd4=a01c5e37-e242-4242-8e07-30f1543b053a&cd5=default&cd1=4.136.2&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383&nid=56ea678d181f46c76f8b45fb&ncid=6187a5a49268ad27da7716d8&e=bid&cb=1647700320390&asid=60ebfe94ebe867570438e997%2C6187a5a23223786bb66bb49e%2C60ebfe86a4a7792110515aa4%2C6187a5a2f2ea41121e3cbd26%2C6187a5a2beecd3492774a80b&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.241.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-241-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:32:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame E0F3 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
238725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame 197B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=resistthemainstream.org
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Mar 2022 14:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E8E6 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Mar 2022 14:34:53 GMT
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame E9EB 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
238725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame C8A2 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
238725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame 4614 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
238725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.505.0_en.html
imasdk.googleapis.com/js/core/ Frame DD8A 		590 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 20:13:15 GMT
expires
Thu, 16 Mar 2023 20:13:15 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 16 Mar 2022 20:06:38 GMT
content-type
text/html
age
238725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DF1E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Mar 2022 14:34:53 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 505A 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Mar 2022 14:34:53 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4032 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Mar 2022 14:34:53 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9605 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 13:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Mar 2022 14:34:53 GMT
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1647700320540&cid=6187a5a49268ad27da7716d8&VERSION=4.136.2&AV_PAGE_LOAD_UID=a01c5e37-e242-4242-8e07-30f1543b053a&AV_CDIM4=a01c5e37-e242-4242-8e07-30f1543b053a&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.241.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-241-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://resistthemainstream.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:32:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame E0F3 		2 KB
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_3&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=4401113983979342&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3721417804&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&nel=0&eid=44737475%2C44754420%2C44758374&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=1647700320943&cookie_enabled=1&scor=2300247482427730&ged=ve4_td11_tt7_pd11_la11000_er4048.321.4200.621_vi0.0.1200.1600_vp0_ts6_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
23162c5d4fa60c51de8ddf27d95a63aea46726050bd1b3960b63853913369201
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:32:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E9EB 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1377607473850292&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2179158817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&nel=0&eid=44737475%2C44754420%2C44758374&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=1647700320948&cookie_enabled=1&scor=1046885979302210&ged=ve4_td11_tt7_pd11_la11000_er4048.321.4200.621_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:32:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C8A2 		2 KB
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_9&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=785933377253535&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=1166742729&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&nel=0&eid=44737475%2C44754420%2C44758374&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=1647700320953&cookie_enabled=1&scor=4169732383191724&ged=ve4_td11_tt7_pd11_la11000_er4048.321.4200.621_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1bcb14619776642deab0f111ef49ea131cbe8dd9e1d097d85d52f655e14ab19a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:32:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
883
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 4614 		2 KB
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C22431668266%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&cust_params=publisher_name%3Dresistthemainstream.org&env=vp&correlator=1077379099807402&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=How%20to%20Protect%20Your%20Phone%20in%20Cold%20Weather&vid_d=43&vid_kw=monochrome%20photography%2Cfinger%2Cjohns%20hopkins%20university%2Csmartphone%2Ckyrgyzstan%2Cportable%20communications%20device%2Cmonochrome%2Cdisplay%20device%2Cmobile%20device%2Cmobile%20phone&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2758553450&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&nel=0&eid=44737475%2C44754420%2C44758374&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=1647700320956&cookie_enabled=1&scor=3840532489145278&ged=ve4_td11_tt7_pd11_la11000_er4048.321.4200.621_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1fac56887cef3c3f087e04eb12bd07f6ceff07e68e2b460930a2b01eafba7540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:32:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
883
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DD8A 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_450&description_url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3665577841207550&sdkv=h.3.505.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=2376058707&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.505.0&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&nel=0&eid=44737475%2C44754420%2C44758374&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&dt=1647700320962&cookie_enabled=1&scor=210410553893927&ged=ve4_td11_tt7_pd11_la11000_er4048.321.4200.621_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:32:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=resistthemainstream.org&rs=resistthemainstream.org&sid=10947&t=1647700311&cip=185.213.155.164&sn=&tgt=0&osv=10&bv=99.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1647700311369-970019729674-006807-000-007304&cha=0.7&stagid=&stplid=&d35=&d36=6.2.6&cb=44416157044&cd4=a01c5e37-e242-4242-8e07-30f1543b053a&cd5=default&cd1=4.136.2&d9=1000&d37=realtime&AV_WIDTH=679&AV_HEIGHT=383
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.197.69.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-69-20.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://resistthemainstream.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 19 Mar 2022 14:32:01 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame E0F3 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_3&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dresistthemainstream.org&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&adk=3721417804&cookie_enabled=1&correlator=4401113983979342&dt=1647700321063&ged=ve4_td11_tt7_pd11_la11000_er4048.321.4431.1000_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&npa=false&omid_p=Google1%2Fh.3.505.0&osd=2&scor=2300247482427730&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vis=1&u_so=l&eid=44737475%2C44754420%2C44758374&hl=en&frm=0&sdki=44d&sdkv=h.3.505.0&sdr=1&vid_d=43&nel=0&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&cnc=22431668266&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:32:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C8A2 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_9&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dresistthemainstream.org&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&adk=1166742729&cookie_enabled=1&correlator=785933377253535&dt=1647700321493&ged=ve4_td11_tt7_pd11_la11000_er4048.321.4431.1000_vi0.0.1200.1600_vp0_ts0_eb16491&is_amp=0&npa=false&omid_p=Google1%2Fh.3.505.0&osd=2&scor=4169732383191724&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vis=1&u_so=l&eid=44737475%2C44754420%2C44758374&hl=en&frm=0&sdki=44d&sdkv=h.3.505.0&sdr=1&vid_d=43&nel=0&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&cnc=22431668266&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:32:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 4614 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_resistthemainstream.org_5&sz=400x300%7C640x400%7C640x480&cust_params=publisher_name%3Dresistthemainstream.org&url=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&min_ad_duration=0&max_ad_duration=30000&ppos=1&lip=true&sid=8242D48F-23A0-49E9-B893-F3BC2CA7A7B7&adk=2758553450&cookie_enabled=1&correlator=1077379099807402&dt=1647700321818&ged=ve4_td12_tt8_pd12_la12000_er4048.321.4431.1000_vi0.0.1200.1600_vp0_ts1_eb16491&is_amp=0&npa=false&omid_p=Google1%2Fh.3.505.0&osd=2&scor=3840532489145278&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Fresistthemainstream.org%2Fplan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years%2F%3Futm_source%3Dtelegram&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vis=1&u_so=l&eid=44737475%2C44754420%2C44758374&hl=en&frm=0&sdki=44d&sdkv=h.3.505.0&sdr=1&vid_d=43&nel=0&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&cnc=22431668266&kfa=0&tfcd=0&ctv=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.505.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 14:32:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.viglink.com
URL
https://api.viglink.com/api/ping

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 function| structuredClone object| oncontextlost object| oncontextrestored function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI function| vglnk function| gtag object| dataLayer object| OneSignal string| jnews_ajax_url function| _0x5c17bc function| _0x1c00 function| _0x30ff object| jnews object| jnewsDataStorage object| _wpemojiSettings object| google_tag_manager object| google_tag_data object| gaGlobal function| admiral object| googletag object| PDFObject undefined| $ function| jQuery object| ldAdInit object| jnews_module_54375_0_6235e82685d59 number| HYVOR_TALK_WEBSITE object| HYVOR_TALK_CONFIG object| jnews_module_54375_1_6235e82692210 object| jfla boolean| jQueryScriptOutputted function| initJQuery string| HYVOR_TALK_DOMAIN object| __twttrll object| twttr object| __twttr object| hyvorTalkCommentCount boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16477003089046 function| vglnk_16477003089057 object| _ldAdIdMap object| _mgIntExchangeNews object| MarketGidInfC1156929 function| MarketGidCContextBlock1156929 function| MarketGidCMainBlock1156929 function| MarketGidCInternalExchangeBlock1156929 function| MarketGidCRejectBlock1156929 function| MarketGidCInternalExchangeLoggerBlock1156929 function| MarketGidCObserverBlock1156929 function| MarketGidCSendDimensionsBlock1156929 function| MarketGidCRtbBlock1156929 function| MarketGidCDiscountBlock1156929 function| MarketGidCContentPreviewBlock1156929 boolean| mg_loaded_720235_1156929 object| MarketGidInfC1149360 function| MarketGidCContextBlock1149360 function| MarketGidCMainBlock1149360 function| MarketGidCInternalExchangeBlock1149360 function| MarketGidCRejectBlock1149360 function| MarketGidCInternalExchangeLoggerBlock1149360 function| MarketGidCObserverBlock1149360 function| MarketGidCSendDimensionsBlock1149360 function| MarketGidCRtbBlock1149360 function| MarketGidCContentPreviewBlock1149360 function| MarketGidCResponsiveBlock1149360 boolean| mg_loaded_720235_1149360 object| MarketGidInfC1261872 function| MarketGidCContextBlock1261872 function| MarketGidCMainBlock1261872 function| MarketGidCInternalExchangeBlock1261872 function| MarketGidCRejectBlock1261872 function| MarketGidCInternalExchangeLoggerBlock1261872 function| MarketGidCObserverBlock1261872 function| MarketGidCSendDimensionsBlock1261872 function| MarketGidCRtbBlock1261872 function| MarketGidCDiscountBlock1261872 function| MarketGidCContentPreviewBlock1261872 boolean| mg_loaded_720235_1261872 function| 4dm1r11545242527 object| onClickExcludes function| mgReject1156929 function| mgLoadAds1156929_0787b function| MarketGidCReject1156929 function| MarketGidLoadGoods1156929_0787b function| mgReject1225368 function| mgLoadAds1225368_0787b function| MarketGidCReject1225368 function| MarketGidLoadGoods1225368_0787b object| _mgq function| _mgqp number| _mgqt number| _mgqi object| addComment function| EvEmitter function| imagesLoaded object| jnewsoption object| twemoji object| wp string| _mgCanonicalUri boolean| _mgPageViewEndPoint720235 string| _mgPvid function| mgReject1149360 function| mgLoadAds1149360_14d45 function| MarketGidCReject1149360 function| MarketGidLoadGoods1149360_14d45 function| mgReject1261872 function| mgLoadAds1261872_13544 function| MarketGidCReject1261872 function| MarketGidLoadGoods1261872_13544 boolean| MarketGidCSvsdsFlag boolean| _mgPageView720235 boolean| i.js.loaded boolean| i-noref.js.loaded object| lazySizesConfig object| lazySizes function| Waypoint object| html5 object| Modernizr object| tve_dash_front object| TVE_Dash object| jnews_select_share boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| tcb_post_lists object| TL_Const object| rtm object| omapi_data object| udm_ads_queue boolean| udm_edge_init object| _qoptions object| _qevents function| onYouTubeIframeAPIReady number| progressTimer function| quantserve function| __qc object| ezt function| qtrack function| OptinMonsterApp boolean| om_loaded function| udm_r3Chunk object| udm_r3 object| _pbjsGlobals function| endedHandler function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge object| udmRenderRates function| _mgLib1_11_87 function| _mgwqp object| udmCompiledBlockedCreativeIds object| udmDefinedBlockedCreativeIds object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| regeneratorRuntime object| __EXCO string| pbPageIdentifier object| admrlWpJsonP function| Hls function| av_sciv_hndlr1647700311049 object| storageAni number| google_global_correlator object| closure_lm_906445

40 Cookies

Domain/Path Name / Value
resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years Name: quads_browser_width
Value: 1600
resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years Name: exco-uid
Value: a7ac8916hmjanhgn
.mgid.com/ Name: __cf_bm
Value: XHhk7rj5nxgOOAxsWqWzUQNg2nUSf8mv91.Nm2.ydTY-1647700308-0-AUMygN9zDozvwkw3/dVTiU/5VODe1aYXV9AevXlLATlt5cTtowvH3/BDikWCpr5V4ynTVWPRygL3MKB1MFw4+7M=
.resistthemainstream.org/ Name: _ga
Value: GA1.2.1375555129.1647700308
.resistthemainstream.org/ Name: _gid
Value: GA1.2.182817348.1647700309
.resistthemainstream.org/ Name: _gat
Value: 1
servicer.mgid.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
.mgid.com/ Name: muidn
Value: m2jNiedI4Sv7
.udmserve.net/ Name: dt
Value: ADA30483-BE9C-369B-8197-7C5276F8CFC3
.resistthemainstream.org/ Name: paywall_product
Value: false
resistthemainstream.org/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1156929%22%3A%7B%22page%22%3A1%2C%22time%22%3A1647700309804%7D%2C%22C1149360%22%3A%7B%22page%22%3A1%2C%22time%22%3A1647700309602%7D%2C%22C1261872%22%3A%7B%22page%22%3A1%7D%7D
.adnxs.com/ Name: uuid2
Value: 2327348148020347933
resistthemainstream.org/ Name: udmsrc
Value: %7B%22utm_source%22%3A%22telegram%22%7D
.quantserve.com/ Name: mc
Value: 6235e956-062df-1fa36-d9720
.resistthemainstream.org/ Name: __qca
Value: P0-788393580-1647700310015
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.udmserve.net/ Name: apnid
Value: 2327348148020347933
.resistthemainstream.org/ Name: _admrla
Value: 2.2-7720749ae9e094ea-507c88ed-a791-11ec-8a4e-8d8bab9234e6
.pubmatic.com/ Name: SyncRTB3
Value: 1648857600%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 67DA5D40-DD76-47DF-B14E-27517FE96498
.doubleclick.net/ Name: IDE
Value: AHWqTUlSLesMMBrUTuCDX2ibSWYr4ZjY5GC077jXVP_JnWEmnKqFRIcXOZbdoTD3J0M
.pubmatic.com/ Name: PUBMDCID
Value: 3
.resistthemainstream.org/ Name: _awl
Value: 2.1647700311.0.5-41a65b4a1c6dc932caf53855c21257bf-6763652d6575726f70652d7765737431-0
.aniview.com/ Name: aniC
Value: 1647700311369-970019729674-006807-000-007304
.pubmatic.com/ Name: pi
Value: 156505:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
resistthemainstream.org/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.casalemedia.com/ Name: CMID
Value: YjXpV2LU7V7YMkcDy3QF8AAA
.casalemedia.com/ Name: CMPS
Value: 3269
.casalemedia.com/ Name: CMPRO
Value: 1185
.casalemedia.com/ Name: CMST
Value: YjXpV2I16VcA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmJubmBgbGhobmwGAM8hxo0QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3MjAwMDU2BNJmQnyGulmpxS5BeRaeiaVB6QA4EucHJQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3MjAwMDU2BNJmQnyGulmpxS5BeRaeiaVB6VK8hmYm5uYGBsaGhubGZgAEMZB4NAAAAA
.casalemedia.com/ Name: CMRUM3
Value: 2d6235e9572760CAESELmvFSVPisJD8JHvOaCWurw&9c6235e95705a00&f16235e95705a0&e66235e9572760&276235e9570b40&396235e95705a0&da6235e9572760
.aniview.com/ Name: 2_C_42
Value: YjXpV2LU7V7YMkcDy3QF8AAA&1185
sync.aniview.com/ Name: 2_C_42
Value: YjXpV2LU7V7YMkcDy3QF8AAA&1185
.udmserve.net/ Name: udmts
Value: 1647700312.0
.udmserve.net/ Name: pmid
Value: 67DA5D40-DD76-47DF-B14E-27517FE96498
.resistthemainstream.org/ Name: _ga_MHSJPPB6JE
Value: GS1.1.1647700307.1.0.1647700312.0

3 Console Messages

Source Level URL
Text
javascript error URL: https://resistthemainstream.org/plan-to-re-open-the-capitol-revealed-after-being-closed-for-two-years/?utm_source=telegram
Message:
Access to XMLHttpRequest at 'https://api.viglink.com/api/ping' from origin 'https://resistthemainstream.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.viglink.com/api/ping
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
a.tribalfusion.com
a.volvelle.tech
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
ap.lijit.com
api.viglink.com
atrack.avplayer.com
bh.contextweb.com
bid.underdog.media
bttrack.com
c.mgid.com
c1.adform.net
cdn.mgid.com
cdn.syndication.twimg.com
cdn.viglink.com
cdn1.decide.dev
cdn2.lockerdomecdn.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
core.iprom.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fearlessfaucet.com
fonts.googleapis.com
fonts.gstatic.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
jsc.mgid.com
lockerdome.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mcd.ex.co
mwzeom.zeotap.com
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
platform.twitter.com
player.aniview.com
player.avplayer.com
player.ex.co
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-server.rubiconproject.com
premiumsrv.aniview.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
r.skimresources.com
resistthemainstream.org
rtb-csync.smartadserver.com
rtb.gumgum.com
rules.quantcount.com
s-img.mgid.com
s.amazon-adsystem.com
s.skimresources.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
syndication.twitter.com
t.skimresources.com
tag.1rx.io
tag.targeting.unrulymedia.com
talk.hyvor.com
token.rubiconproject.com
track1.aniview.com
trc.taboola.com
udmserve.net
um.simpli.fi
ups.analytics.yahoo.com
video-native.mgid.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
api.viglink.com
103.229.206.240
104.102.29.65
104.104.52.26
104.108.144.214
104.109.78.125
104.154.142.214
104.19.134.78
104.19.135.78
104.244.42.8
142.250.184.226
142.250.185.226
150.136.156.92
151.101.129.44
151.101.130.49
151.101.66.132
151.139.128.11
169.50.137.182
178.250.2.151
178.62.202.251
18.156.0.31
18.185.196.75
185.152.64.17
185.183.112.155
185.33.221.15
185.33.221.53
185.64.189.110
185.64.189.112
185.64.190.80
185.64.190.81
185.86.139.114
192.132.33.46
192.82.242.208
193.0.160.128
195.5.165.20
198.148.27.140
198.47.127.19
2.19.35.65
2001:678:cb4:bbbb::11
209.54.177.54
213.155.156.180
213.19.147.43
213.19.147.45
23.88.75.187
2600:9000:2156:1e00:9:d7ff:bd00:93a1
2600:9000:2156:3e00:5:c4ab:c3c0:93a1
2600:9000:2156:b600:6:44e3:f8c0:93a1
2600:9000:2156:d000:8:48e:53c0:93a1
2600:9000:2156:f200:a:cbb7:a940:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1957
2606:4700:20::681a:256
2606:4700:20::681a:891
2606:4700:20::681a:bd1
2606:4700::6810:a10d
2606:4700::6812:c05
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:800::2006
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9d
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:bb91
2a02:fa8:8806:12::1400
2a03:90c0:41:2801::254
2a04:4e42::300
2a05:d018:d29:3602:1ccc:1602:f60c:87b8
3.212.101.249
3.33.220.150
3.67.111.41
34.102.253.54
35.190.59.101
35.190.62.199
35.190.91.160
35.201.67.47
35.210.178.101
37.157.4.28
44.197.69.20
5.161.54.172
51.195.5.231
51.210.112.236
52.31.32.190
52.31.89.136
52.6.241.167
52.71.178.197
54.175.165.141
54.87.78.200
63.32.228.167
66.155.71.149
68.71.249.118
69.173.144.165
69.173.151.100
72.251.245.179
72.251.249.14
8.28.7.84
85.114.159.93
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
04481253fc5a43fc96bca1ba82cb9747a6fc7be634cb609bbaff26bee1022f5f
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
07b28c082dd42dd5f74447cf4d9351338f6c1e81984a42989fe3978d699af694
0a5377eb8e83be2ee2593492f90bebbd34724ec051ef4e5332b9d4d4ea0195cf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f109a1c51496fb3a941944e895c9eb64311bbd9e356018796933e568824cff2
10d10d857f0b9ee4649d0b0531ea87e1527a0dbbc3f3647cebfcd922c6c37ba5
10e7a75cc8d0554fe6b4c85110fbc6c7b89cc36acd5dfc460ceb02cc23627790
1152d50e9f5854ed80eb9fb9e56e1db92d3c2164d15e867593347c675c4885aa
131c437397cd4ee2123047ad2be0b556fc702ce15f7c3cd8a5fe2400bf4f769a
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
15bd07d469bbe71b547f41bade4956f8e2ee591240fed171cdee7bead7a11027
16a318c490048a4287abdc72e1254aba85d3501e8d4132c13b1441e10c2302fe
171b2560bfb2a27b4387a2f3c5b2454535409c0c15b6bcb084f5327ed0db2188
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1bca4a705ef93f6b9bafd53dc72d65bf27043528bf4b6a3ca1221e106199dcfb
1bcb14619776642deab0f111ef49ea131cbe8dd9e1d097d85d52f655e14ab19a
1ed4734791777f57d36844df1561b04ad78e578722c5a8ce9bc6c527efbeebbf
1fac56887cef3c3f087e04eb12bd07f6ceff07e68e2b460930a2b01eafba7540
20d39c4e213e747dee4aa55bf503a5eff52c1d294ac947a97742c25fae160730
215667f9e3ec661991bab882d051bde245e642548a5b25b7a8500a67c28dcf50
23162c5d4fa60c51de8ddf27d95a63aea46726050bd1b3960b63853913369201
241681b101eb2199fb6eec6d98b077310ae29cffdd85a0f6638e6cd9500bd9bb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
285489efae847a15226d6c6e35a17a7ea953985b6cdd7803c6b8fba0c20ee7d2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
3093b0c5dc79ef06886e2ddd238e466e2b43d35e5aeca027ae47f6c4fe003451
31a2b87637211d065cc2722c6ce0a173c4defdbaa4ff7b8144ff6902457aa017
320f9c10b94c5fd531ca60c0fae62fbb1fa70712e1a9caf5d8f37a3a79d3e7ca
3512fea879d5aa1860ff835641ac4dc5f8b9182d6f27816f95260a4d210de922
354dd855e6c947e71c9b7618e4b7aa6e13592aaf01e45b17c473b604c038cf30
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37bbba8ffbd30285300e9571b23cb5c32edfc7740811f95ca28a258112fa9400
3898ac66217dc0171824b3dcf84127506d9f2bd6dff092424035a7e203c50eec
38ad74927dffa428f88472c101c2d2f1fd943032ccdea08170ab2391c0f4c2a9
39693d4392ebd1c477d05019dac27f82b2a6feabdd96a0aac472ac1284ea1329
3bdbb60dabb0ff07219b1ce86d9d59f9d49a1bb412ec7a2a6566c4f9afd32286
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3857cb96afb4e61933c6d49b2194beb393d5072cd0bcdf1bc8def1fcfdaea8
3fd866705913987f41eae0cd3122f984656896b60daf4385f99ed0e356978e33
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
438516fa8162e51e80edee405e616a604df367fb55c5a672be5c9a40f2db651c
46d6f9ea0f21c418991891eb13b8e73d8340d795b0b0cae6bb6ef1fe4ab1a299
4714d22cc612d556d4bd3809a0bd3c4a3f76ae00c20ae9a6430323b37715d715
486bcf8532c028937fb68a57bcf22a6e0862c8e1ab157ea639979d0f7ea9b74d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b0e239f2f18ddf7e06dc64e60e3c8507180e2f8f23a7b7baebf5d5c9048efc5
4c51ec235361ffe2bec8239a632f104d53aaeedae0cd8fa6eba949f193698590
4da1c4f9b122553bed33f4ada4915dca3f4109a589d79b327ee4dd226d78a1fe
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50fd1b0192e22f68957f2f557255fc06d698bfd8bfa8e168596f443e5b5831f3
536886986ff7dd4a2cc4ceee9e5a286cd4fa8346573a8b7564cc1293ba5ba43e
536bb1cf7e5e542325a3d7fbcd156fa3c495c47550b7709bd1962b02af0b3188
565b9076d7629a85fcd1ea6c5c0b2af1bf01c93777f0d6ef0c11fbacaa8e79b6
577b14e66de3298bc80a169b516aa722aff525c8ee54a73fa8f2212560c6a645
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
624bb529d39e9f16e1be8aaeb07645c36c9a44f32ed2cb8f48e08657b076e68c
62e15c717c858b539583d56df60087d0f0851a69480f52e5637a50fd60d1e53e
655564f3a2be989067e2cb2c6bc9995a55ae13ec9cc0d0c3dc128961faad15e9
67c07c0e4ec4c5d0bc7e227dbe689dd03035b4cb0f8394574e1b6740af383461
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
6927db6c60ce2347977462f4d52edadddd2b4bada30746381a4197f4601c987b
693c1fc05326e4380777179beeb3c1487c75efb8c83fc995a3a8d8c7c756885f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f46e1e92fc6efecd0baf71ebccbc80c1753a2ab813ba37624b90e96325b54bc
6fe753ed066811d0f3f5cd833bca8f539641b96e5b69a07e3297557769be22c0
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71009aa13da8c6f0432a2bc73e476fe2d8b1a117e719d8214008c9a26090f7aa
71a1935b3ad6191ba5bc69f86429029d95d965b6c15dbb21943868ab0bbe8fc8
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
735ba0855a8e681e98e185111aae755c396d6c0f889c40947b6d758551075f6e
769968d586489050b97c345679dc9d6f2121a1c26c368c939ef6d0894a8025b0
76e0bd45add7e97d531583fc2c296ce699eeeccdebd54f2eaa0741aa00eb63c4
774a47a3274b099c44adc9b26b1dd0e70515553b36c9ae0e2012b9ec475fae5d
777ed778de6f8fc2f1d332610998bf45a8c9c4601ea0f96c91ec92052708f6f6
790ec30d324db549e4f6f3c493251e6e7d4337f0abb13c8e8873fff8b7b235fb
796cec06ffa8e443daa212746833ef3e0f04304e75edc1c3d213644bab554177
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79a2dbf4e2eb66acd4700aae0f79c2c1ba5d226315fdee02649cb9c974fb583a
7a0280668b97265f29b47011937c02e67dd6018f7e4cf6694f6dc665d289b4ed
7dcc72730f201a750b2ea3381cdef5fabd046b7692b32fe7c43b3188100941f1
80e7ae17ac456d2b2cc8d8e5b0d34085903b49ba27050029d81938b8d3a9b5ce
82ab57a55e312cd05a7f6566942c70ed84845f383d7dd7a5b02a4b0e4a8a8f61
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846130dc6caff52dec180174ec1c779571d95270a360d56f1070ae411fe55dfa
854a441c2debc6a2b76c243d59d6b5b5de2271eeb3c504bb51cb2f05a6736f16
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6e2d4bbbe4f00b6a81ab036c29d0471f1755d4bf48285c433ec79ad3c0b132
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9008e524d312aaa432d947d596ded351c2b2f668d067d0257463d67db9b88927
90dbd457fafa4a6773f9f7c83a7c25feb3ac139ee764cac153bf6f9f5612aa07
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93bf0a1facee7ac7d79939d5e48e172080841b281de3d1a61463a7ba0fe5bbc9
96840d8bad80f92a013bab64796aa1a29ae6f08e8b5d519e25f37877098b391d
97f9639ee27e7951f93e6507ab9d203e2d003b72cfc06c6bcaffe3e8687bbc8d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a76630aeb16240e83f630491860681c35ec807a778524dafd8841013388cdd7
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a25d016e53a4de88e9bd730605fedb4f909561b8941d875ca5cd746bb84d0987
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6a93c7976009eacd3cf47337bb7dc58b296dd975117c66b955896ea553c8c0e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae63276d13de5376dd9d5d0dd2d330cb131ace6ab96008ddcad724acff553cea
af0c0c943bc1b57cb73f429a33eaf96c9bbd3cf4f5ae75b0dab2db289e828de0
b05ce4798b8e18bb0025144c59c1d1325d349d9844ce81705d9e3a16d8bca69e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b60deb0a2079173ef23e3525d66b6a0681b8305a2a699ae059c1f360bfbb882c
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bc871abfceed2f798929653305bcf0c2997c58d7f4f2e86afa881927900d2eb6
bdbf5949e75852c4765edd7c3e01863b61b9c03958baf6098343767bd9b891bb
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d6f43856edb4773691473aba669b43e4b4a0caeae37d2f8fa19456f1b8adae
c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5133e29e20238bb5e141f5311da5e3676a81672a61a5ad99abcdac7f3f85e32
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7137a7356ab546f5553a51fa1a85e9eda2b23692689621443a089f683b95eec
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb95c23da853b70730bbdf5ed86d9d5866bc462f22a9b095d9aee824d10e0590
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfbfb77a8ec93c492ddb23650915dc98fd562a4e7c1071dc18194f78933ff4d1
cfc33a6f458e2330b1cfe0aa817c2e6c5e4511204f285d032f9f5dca30e05946
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d56486ef3f954d30038a0b83610e2c7ff1e4e2422f8f76d72c5a7ad652d32f85
d7e420e0c7988b6c43e5748792096a2e865533f5b2ee905c4b5fc6eac7633cb9
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
db720757cace02ecc1e88d824648d67676e1e25ce8a7cb00a65c7c5ba89e4661
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dddf32236809554a2b9015a25adf0484a5d60f547682a6d13631f15b3d247f07
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e222a2eda8e63edd686ca417a1a32504ffcd5d74fcaa062a641795ed2b33616f
e249689202d578760f311db8af1646c07100fa7fbcf73b82e229813efd14813a
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e526629498fd0346097685edb47433f590f0b26647ca359eb111cf0f6dd44fe7
e59c0f735471d90ea02234c6d94ee8fb9033ddd50f3f6b50ecf238dba336b842
e7e32e5e847040d47488bb18845a0f48df86610553087c54e8acadeb81e08314
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecb03b6976832980c115d41b0627ad23d53d86bcb8c6e7135d86e2caddcc0062
ecbdc9f1e55d45f2d3bc54332fb50391b3a3bd543e8d8d74af48994d0a471aff
ed32cfad367c05510973eab6fa8177438819604f254c815680d91328cdf5ae32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f277cc840da33f2e4731e6b3e5403d7bdcaa299304aa61452deb63e297a8523b
f4e0407d130a8433bf9f370c0a0a35b2fec21fb0fe29f31137e42556830ad204
f4f039602be2038e0926a327c4d74c12faa59101f87717ad7ea6f145a11c2401
f62e11b110b6233da7f94fc6715e2d026d3dd3cc22fa394623ba16c9316fa8f8
f6b352979b0153deb67020a332f179fb99a0822040de5e019af272c2920192b1
fb5011b47580532b2f4140243658824b83e672b9a1e7efc2bac24d0cee7973b0
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc19d2f154f953b4c51b865cec0bb6aebd2e149ea59b98354c19f2cfe8759ad2
fc36001176809c54fe050368b70394598595dae41be3d65fcf4b940c2a6b8fed
fc9c3fcc4471623d464db7a4744808d67f44d3037866797a3fce2c046685c9bd
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ffcca73fcf57a9104b8b1c23c45b32b01994b657acff47a8b8737a51b5049657