hotair.com Open in urlscan Pro
2606:4700::6812:1d31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click1.hotairemail.com/lkdpmlydppwrmdpdrdmgyrfnnhrnndhyqqglcmwmmnnjzdj_bjclzfdgcgcypqgzqlcddd.html?a=9262b43ed2dfe90f7f...
Effective URL:
https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=ha...
Submission: On August 04 via api (August 4th 2022, 6:05:42 pm UTC) from US — Scanned from DE

Summary HTTP 157 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 60 IPs in 8 countries across 43 domains to perform 157 HTTP transactions. The main IP is 2606:4700::6812:1d31, located in United States and belongs to CLOUDFLARENET, US. The main domain is hotair.com. The Cisco Umbrella rank of the primary domain is 112969.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 21st 2022. Valid for: a year.

This is the only time hotair.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
9	2606:4700::68... 2606:4700::6812:1d31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:fa00:4:b8d7:18c0:21	16509 (AMAZON-02) (AMAZON-02)
4	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:d25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
4	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:5476	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:205... 2600:9000:2057:6200:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
3	172.98.57.101 172.98.57.101	399647 (RUMBLE) (RUMBLE)
1	2606:4700::68... 2606:4700::6812:8ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:132b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:b9b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	52.72.58.170 52.72.58.170	14618 (AMAZON-AES) (AMAZON-AES)
2	18.200.116.66 18.200.116.66	16509 (AMAZON-02) (AMAZON-02)
3	63.35.106.166 63.35.106.166	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	99.86.4.6 99.86.4.6	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	216.52.2.19 216.52.2.19	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
13	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	143.204.215.111 143.204.215.111	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
2	141.95.98.70 141.95.98.70	16276 (OVH) (OVH)
1 4	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
11	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400e:80d::200a	15169 (GOOGLE) (GOOGLE)
2	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3	147.75.83.64 147.75.83.64	54825 (PACKET) (PACKET)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.220.48.180 54.220.48.180	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:b6b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
157	60

1 74.214.203.11 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

click1.hotairemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:1d31 (United States)

ASN13335 (CLOUDFLARENET, US)

hotair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:fa00:4:b8d7:18c0:21 (United States)

ASN16509 (AMAZON-02, US)

d60r6iww29z6r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d25 (United States)

ASN13335 (CLOUDFLARENET, US)

townhall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn.townhall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

media.townhall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:5476 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.98.57.101 (Canada)

ASN399647 (RUMBLE, CA)

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8ef (United States)

ASN13335 (CLOUDFLARENET, US)

twitchy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:132b (United States)

ASN13335 (CLOUDFLARENET, US)

pjmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:b9b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-v3.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.58.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-58-170.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.200.116.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-116-66.eu-west-1.compute.amazonaws.com

tk.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.35.106.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-106-166.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-6.fra6.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.19 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-111.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:2bf::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

63a97030d4209d9e379e7236e88f577e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.48.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)

auth.hotair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	250 KB
14	townhall.com townhall.com — Cisco Umbrella Rank: 31609 cdn.townhall.com — Cisco Umbrella Rank: 78902 media.townhall.com — Cisco Umbrella Rank: 41080	373 KB
12	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2367 cdn.revcontent.com — Cisco Umbrella Rank: 6611 img.revcontent.com — Cisco Umbrella Rank: 8379 images.revcontent.com — Cisco Umbrella Rank: 5856	295 KB
10	typekit.net use.typekit.net — Cisco Umbrella Rank: 566 p.typekit.net — Cisco Umbrella Rank: 677	320 KB
10	hotair.com hotair.com — Cisco Umbrella Rank: 112969 auth.hotair.com — Cisco Umbrella Rank: 158240	291 KB
9	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 4600 api.cxense.com — Cisco Umbrella Rank: 6343 p1cluster.cxense.com — Cisco Umbrella Rank: 6831 comcluster.cxense.com — Cisco Umbrella Rank: 4401 id.cxense.com — Cisco Umbrella Rank: 8805	72 KB
8	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 528	9 KB
7	googlesyndication.com 63a97030d4209d9e379e7236e88f577e.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	116 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2742	20 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 323 tk.amazon-adsystem.com — Cisco Umbrella Rank: 36219	44 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 374	109 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 98	1 KB
5	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 732 gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755	1 KB
5	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 6904 cdn.tinypass.com — Cisco Umbrella Rank: 5198 buy.tinypass.com — Cisco Umbrella Rank: 4075 id.tinypass.com — Cisco Umbrella Rank: 12807 api-v3.tinypass.com — Cisco Umbrella Rank: 15522	92 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5596 adservice.google.de — Cisco Umbrella Rank: 8117	1 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1443 id5-sync.com — Cisco Umbrella Rank: 541	14 KB
3	rumble.com rumble.com — Cisco Umbrella Rank: 19050	34 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 imasdk.googleapis.com — Cisco Umbrella Rank: 448	332 KB
2	rmbl.ws sp.rmbl.ws — Cisco Umbrella Rank: 25237	34 KB
2	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1366 api.rlcdn.com — Cisco Umbrella Rank: 802	38 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 496 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 518	64 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1370	15 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	114 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	386 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1452	332 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	17 KB
1	piano.io c2.piano.io — Cisco Umbrella Rank: 3842 api-esp.piano.io Failed	3 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1685	324 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1424	596 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 238	22 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 679	739 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1018	201 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	29 KB
1	gstatic.com fonts.gstatic.com	10 KB
1	pjmedia.com pjmedia.com — Cisco Umbrella Rank: 107970	88 KB
1	twitchy.com twitchy.com — Cisco Umbrella Rank: 53448	21 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1197	15 KB
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 4318	3 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1249	5 KB
1	cloudfront.net d60r6iww29z6r.cloudfront.net	41 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 423	23 KB
1	hotairemail.com 1 redirects click1.hotairemail.com	502 B
0	criteo.net Failed static.criteo.net Failed
157	43

	Domain	Requested by
11	securepubads.g.doubleclick.net	d60r6iww29z6r.cloudfront.net www.googletagservices.com securepubads.g.doubleclick.net hotair.com
9	hotair.com	hotair.com static.cloudflareinsights.com
8	fastlane.rubiconproject.com	townhall.com
8	cdn.townhall.com	hotair.com
8	use.typekit.net	hotair.com use.typekit.net
6	images.revcontent.com	hotair.com
5	cdn.ampproject.org	d60r6iww29z6r.cloudfront.net
4	tpc.googlesyndication.com	d60r6iww29z6r.cloudfront.net hotair.com
4	www.google.com	1 redirects hotair.com
4	cdn.cxense.com	d60r6iww29z6r.cloudfront.net cdn.cxense.com
4	www.google-analytics.com	d60r6iww29z6r.cloudfront.net www.google-analytics.com hotair.com
4	media.townhall.com	hotair.com
4	c.amazon-adsystem.com	hotair.com c.amazon-adsystem.com
3	trends.revcontent.com	d60r6iww29z6r.cloudfront.net trends.revcontent.com cdn.revcontent.com
3	rumble.com	d60r6iww29z6r.cloudfront.net rumble.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.revcontent.com	d60r6iww29z6r.cloudfront.net
2	api.cxense.com	d60r6iww29z6r.cloudfront.net
2	imasdk.googleapis.com	d60r6iww29z6r.cloudfront.net
2	sp.rmbl.ws	hotair.com
2	www.google.de	hotair.com
2	id5-sync.com	cdn.id5-sync.com ads.pubmatic.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	tk.amazon-adsystem.com	c.amazon-adsystem.com
2	i.clean.gg	d60r6iww29z6r.cloudfront.net
2	p.typekit.net	use.typekit.net client
2	townhall.com	hotair.com d60r6iww29z6r.cloudfront.net
2	www.googletagmanager.com	hotair.com d60r6iww29z6r.cloudfront.net
1	auth.hotair.com	cdn.tinypass.com
1	api.rlcdn.com	ads.pubmatic.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	googleads.g.doubleclick.net	hotair.com
1	api-v3.tinypass.com	d60r6iww29z6r.cloudfront.net
1	img.revcontent.com	hotair.com
1	id.cxense.com	d60r6iww29z6r.cloudfront.net
1	comcluster.cxense.com	cdn.cxense.com
1	s0.2mdn.net	d60r6iww29z6r.cloudfront.net
1	p1cluster.cxense.com	cdn.cxense.com
1	63a97030d4209d9e379e7236e88f577e.safeframe.googlesyndication.com	d60r6iww29z6r.cloudfront.net
1	adservice.google.com	d60r6iww29z6r.cloudfront.net
1	adservice.google.de	d60r6iww29z6r.cloudfront.net
1	c2.piano.io	cdn.tinypass.com
1	id.tinypass.com	d60r6iww29z6r.cloudfront.net
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	buy.tinypass.com	d60r6iww29z6r.cloudfront.net
1	geo.privacymanager.io	d60r6iww29z6r.cloudfront.net
1	ib.adnxs.com	townhall.com
1	bidder.criteo.com	townhall.com
1	ap.lijit.com	townhall.com
1	hbopenbid.pubmatic.com	townhall.com
1	cdn.tinypass.com	d60r6iww29z6r.cloudfront.net
1	cdn.id5-sync.com	d60r6iww29z6r.cloudfront.net
1	ats.rlcdn.com	d60r6iww29z6r.cloudfront.net
1	ping.chartbeat.net	hotair.com
1	www.googletagservices.com	d60r6iww29z6r.cloudfront.net
1	experience.tinypass.com	d60r6iww29z6r.cloudfront.net
1	fonts.gstatic.com	fonts.googleapis.com
1	pjmedia.com	hotair.com
1	twitchy.com	hotair.com
1	static.chartbeat.com	d60r6iww29z6r.cloudfront.net
1	ads.pubmatic.com	d60r6iww29z6r.cloudfront.net
1	www.npttech.com	hotair.com
1	static.cloudflareinsights.com	hotair.com
1	d60r6iww29z6r.cloudfront.net	hotair.com
1	cdn.jsdelivr.net	hotair.com
1	fonts.googleapis.com	hotair.com
1	click1.hotairemail.com	1 redirects
0	api-esp.piano.io Failed	d60r6iww29z6r.cloudfront.net
0	static.criteo.net Failed	d60r6iww29z6r.cloudfront.net
157	73

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-21` - `2023-05-21`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.townhall.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-01` - `2023-03-04`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.rumble.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-11` - `2022-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-19` - `2022-09-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
tk.amazon-adsystem.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
revcontent.com Amazon	`2022-07-25` - `2023-08-23`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-17` - `2023-04-17`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
sp.rmbl.ws R3	`2022-07-31` - `2022-10-29`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
cdn.revcontent.com R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
img.revcontent.com R3	`2022-07-16` - `2022-10-14`	3 months	crt.sh
images.revcontent.com R3	`2022-07-09` - `2022-10-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
auth.hotair.com Cloudflare Inc ECC CA-3	`2021-11-14` - `2022-11-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Frame ID: 4C4E998B5BEC06637582FF8DABB53BAB
Requests: 149 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: E776AD6729BB33C98A7193C811A1B576
Requests: 4 HTTP requests in this frame

Frame: https://63a97030d4209d9e379e7236e88f577e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DD2260C83D68FE623D6C2D6CE707FECF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.523.0_en.html
Frame ID: 2B1681DEF952746D5F84DFF7CF0F398F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click1.hotairemail.com/lkdpmlydppwrmdpdrdmgyrfnnhrnndhyqqglcmwmmnnjzdj_bjclzfdgcgcypqgzqlcddd.html?... HTTP 302
https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

157
Requests

97 %
HTTPS

57 %
IPv6

43
Domains

73
Subdomains

60
IPs

8
Countries

2904 kB
Transfer

6920 kB
Size

45
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=CnUgWbgrsYpm-DY3O3gPmhYzwDZa0if1qodWLg9AQ2tkeEAEg0e2gF2CVgoCAwAegAYbvq5UCyAEC4AIAqAMByAMIqgTaAk_QAC-W5w14JcgUnVbEQYeoSU0g2-CCD65t1THC24-SoPyUChoeyrxp-bV_mDj4qR8eyXW1b29ebOApcTBBDwoWp6wTfAT9OXDDVNxHAxGpWsTwLIH4ARdnJb0084mPbpPc4NNo_qeFxNrM-p1SXZhAnyuWjLjgf17bSK5SeN10ccYmZq2-cR8MOGGsMtPkweD7ldEgcMW3ZYQLZERwPh0MylBPRVM-oawUPp7nJshatezVx7T6tZvp8XDK9doZ4_UgfDmZSU2M10jw9iJElTK5jaYv_1EzTJ-d1Ku1Rq8W0dZQBzhe7gskOXHF09onMRQPrtUm_RU8nzpDlGaw5bOeamUKw0Ptl9sYDHX5_OvpTqG2wysxmUcvTVcA-8qpSx2B4oZ6IHWQIXztYuZ9dTgKqoB-8q89growaPdnb34wiBTvpvr5O-y7-2gxd0mztZCrY1LOlKgsWDfABJ-G2dzaA-AEAaAGAoAH4pDU6gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB0ggSCIjhgBAQARgdMgOqggE6AoBAsQn2lOfNb8uIoYAKA5gLAcgLAbgMAdgTDNAVAZgWAfgWAYAXAQ&ae=1&num=1&sig=AOD64_3FzFNNV4DAYvMuLiyHn3uoRsxDPw&client=ca-pub-3522377144365482&nx=CLICK_X&ny=CLICK_Y&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)&uaw=UACH(wow64)&uafvl=UACH(fullVersionList)&nb=2&adurl=https://www.cotosen.com/activity/best-seller-f-6811/%3Ftspu%3DSP220708FYM1,SP220721G4ML,SP2205185KNE,SP21091365L3,SP220418G0DF,SP220629NJB7,SP2207142JS2,SP220530SNW2,SP220722NKJO,SP2207220MK1,SP22072556AL,SP220706OFG9%26utm_source%3Dgoogle%26utm_medium%3D7223384835%26utm_campaign%3D13952110718~%5BU2164%5D~%26utm_adset%3D127432803103%26utm_content%3D614838005270%26utm_term%3DU2164%26gclid%3DEAIaIQobChMIma2hkeOt-QIVDad3Ch3mAgPeEAEYASAAEgJgpPD_BwE

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AS7gl4IZhNatdxfThLR8loIqTb3rTaGvVBDU2M4PVDq5Dsgl9esKCC3TLueNb_KLgoCiQLVv-Q85670wMjLt25wNNjsx5Q0L0YFOMY-J2c4Upf1JYPKFchiAjHfHtYasaAEQJkyIu1nMcgmqUflEEcyaD8piOB0Wtn1hmcWisqPlK4aMcALYKDABbIfgHyO0kI0x7KeHjEIEB5ipA843deeD2rgVCZbc3mA42KzPn61sOcIE6CTtONHgYAPSms02juegLKYEM8u2J3yRxjmww_2P2Z06V-MUayo0_NbZbEA_uMq21O9ETqCOgZ40uZAAn50h0LLtqQfIXP5NaoTT-sXSa9UB3oLafSYn0mvIY3iQDEZAr9Sd8IMm_6UGgIq1fSgd4Z3zL7d7AGFWQxG9Jo4eKXQd0er4YlED1mItQe16dFvd5c81oC5G1KetmotaI3qfykHN6N2Nsl-lDcHQ6cREx49_D4p0qp6yNRj2O3nEk3rA_ZU_ENzYaaA9Uer2Qn7Q4B_13Du0hqQcXEHsg_y8qkxXWZDJvErM2dS6VyNkT4BUad37fVdwAB3eDa4ysuvUprjU5oR73l-mUh0LYw4ko9ZR_rsBGoQWIE7ibTuwj080gH7eaxNNSL25pkX7hxFnC82BtPKk6Zvgr_Der-mns92C3yP262Sn5iX0pCXokzR7Sq6G7OcK16m-H_ko995npBGkP6lv1l43K9Nj1ZB85nOYG6CjFumAEnsaqOnxNLUtOzQyfOgs9ItGtc_MyR8NFG505oryohxZFqT0qTfYDzc37abDuP0Y63XW5FBNqgbNpXL4stkWKznhsr9OQ79VGXuzuicCDehLt7LitV9wBtgvJ3Af26JnsJFQyPSM9SEV5ADYXLbqO-e5aFHJPBfdzM2f83FHvh9OCHdOzkPKmIEg7dMoTUPS8Cr9z6B7j3_GzWJcuRPzBIaUJeMJmFGvZpXhjdkOb4m8gvMv6fCTCXaIBjVWyLdrYNrUV0Rj0yiABDBWa__wSKraLwKTSpfrxElAg76yphYeEumJiCNHZ3IeJaavArk5VrYPnc5QUGOwGu4Auu7k3XTcXiXy9AVyDNq3q9TBFvXvfLlH9AZkd2bhyifZrS8x-dIVKvy1V-xATJF6la7bztYwHxDrh39_GoHYsQi4l938N7UHMTaZRZUe6S3ugTQA2wdtZlrrkCBljpI2KPSLVBF5xg-9PHg9OhkuEguc6U4AtVtKqgjdleoGMs-UyrPh1baD3PMtrEan5PYfPu6ltw6XHjSXMGAs4rFRq8PabO5gurVaFJ4LIJ1HBPafSLuaC6mGmdoWUN_9B8HuTMlBXDEYFXlIfHz8jKGv_9GuyD8aQI76OzronF8zj23c3YchunMfU4HOWvmP_wXdffNr6TnLIh5f2-h8f_p_6XkopqZQzp-ppxsCHUN-cavxz0K-5PGhBWVPYlMsSn_h9UcOoy7ZjeSB-bfYUJBwD8jWyL-sqlarAG1tl6QG7_SVF6Vm1T8AcIW8hCRaLLIeOBHjn8b5zGIck96u7cUvT_JohQcoMoVcQVeOJt-6iGaSUPVc931aNcmdpuat0ccFfi2vFqW6uxcPv68-Tvw_vFYrJFrJOGSolLAR-rJ_NFqQhusScPUZLMIVg9bSWi2v34YbJGhq6wbSsHxSzlvJIOr_v0rT-PdS5k9YrQYgbSzfKBqziBL0rRJDXZOGina97iQuHB2ZHUnUSbXhx2REOuEKtqQMq_2j8TvA8eTyH-U95SKYnIYMWn4ahAbHMuRqGpSFF72JWkS7A0U6JOsaTM3jeyQSYjzEYp___oZNlm003FXhb3dspQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click1.hotairemail.com/lkdpmlydppwrmdpdrdmgyrfnnhrnndhyqqglcmwmmnnjzdj_bjclzfdgcgcypqgzqlcddd.html?a=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6 HTTP 302
https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 146

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhotair.com%2F&domain=hotair.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=fyD5w3w1Y3cvMWZGQ3UwM0FOV2k2a3VGR2FraEVLYWpyOW1HWGd4RHExLzFCSkJyTG9hOVdJUkMyL2tEc1B2T1R2RS9ZbXNVRi9waksxdndKQUJtMDVOeEZCaGRVaFR0bzFxMkFKODVvbHJGbDlTV3I1ejFxMFZlR3Jad2tOaG1hU2VsVE5zZVI3OHN3K2RkRkRSRUZYRjF2dXZPUWNyWkJIeWxTQXBLVzVWL2p2amFyZTNHT1dJQ3E5N2gvTzVrZDREQ01jdWJwMWlCOWQ5eEswb2pIbWVlTGJRejJzb2pPbVBPTngwaHFsaW9EOWdrPXw&cppv=2

157 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358 Show response
hotair.com//jazz-shaw/2022/08/04/
Redirect Chain

https://click1.hotairemail.com/lkdpmlydppwrmdpdrdmgyrfnnhrnndhyqqglcmwmmnnjzdj_bjclzfdgcgcypqgzqlcddd.html?a=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa...

70 KB
18 KB

529ms
501ms

Document
text/html

2606:4700::6812:1d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 464de9edffd979e97057c493e5686a4a48999fb29d88ca23b2b393b8d8612b71

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=30
cf-cache-status: MISS
cf-ray: 735938c77a74901f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 04 Aug 2022 18:05:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 04 Aug 2022 18:06:03 GMT
last-modified: Thu, 04 Aug 2022 18:05:33 GMT
request-context: appId=cid-v1:71fb93d9-6e72-4c2c-822e-69b0c80a7a0d
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET
x-soup: no

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html;charset=utf-8
Date: Thu, 04 Aug 2022 18:05:32 GMT
Keep-Alive: timeout=60
Location: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Server: Apache-Coyote/1.1

GET
H2 200 zuk7wta.css
use.typekit.net/ 11 KB
1 KB 34ms
10ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/zuk7wta.css

Requested by

Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b25448959f4d05c6a3b63b34d3c75a93f626eedb4f53d466649cacfb6b424038

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 04 Aug 2022 18:05:33 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1235

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 45ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@400&display=fallback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4578a7e1f8c031503fc06d3d9e234f0925d5c47fc11f364468eff2e543858295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 18:05:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 04 Aug 2022 18:05:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Aug 2022 18:05:33 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
23 KB 28ms
7ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hotair.com/
Origin: https://hotair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 8376297
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22977
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
x-served-by: cache-fra19169-FRA, cache-hhn4051-HHN
x-jsd-version-type: version
date: Thu, 04 Aug 2022 18:05:33 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 styles.css
hotair.com/dist/ 34 KB
8 KB 22ms
21ms Stylesheet
text/css 2606:4700::6812:1d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotair.com/dist/styles.css?v=6cQp4aNmUMfoT-HgDY8XlqoHx3YXwm8923UmH90poMg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 29a4270e5283199ada52b5958457405e3fd1ee70b4ff5a844abfe16fe889c998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 40
x-powered-by: ASP.NET
x-soup: no
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context: appId=cid-v1:71fb93d9-6e72-4c2c-822e-69b0c80a7a0d
last-modified: Mon, 01 Aug 2022 18:59:52 GMT
server: cloudflare
etag: W/"1d8a5d8e15ec3ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=30
cf-ray: 735938caaedc901f-FRA
expires: Thu, 04 Aug 2022 18:06:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
42 KB 57ms
19ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2595430-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2007293804996e37afbebe6577f82709450854b005b18277b94f9e465c178a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42910
x-xss-protection: 0
expires: Thu, 04 Aug 2022 18:05:33 GMT

GET
H2 200 script.js Show response
d60r6iww29z6r.cloudfront.net/ 118 KB
41 KB 36ms
8ms Script
application/javascript 2600:9000:2057:fa00:4:b8d7:18c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d60r6iww29z6r.cloudfront.net/script.js
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:fa00:4:b8d7:18c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5fdee2e53bed07246b2963e16560429dd28f6b7ac67505787c91eefd412a1f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 17:58:23 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 16:40:35 GMT
server: AmazonS3
age: 431
etag: W/"93749342e7321e2f2fa68b5059c3fb00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: pNxlAnI0OipaP2e3ULaMUwLmUdTnNAbMk6E3myXlQXnQH0_SvG5smg==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 55ms
9ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 04 Aug 2022 17:39:30 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 1564
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-C1
content-encoding: gzip
x-amz-cf-id: P6_se0LqYoQRBW535bilAhs0YZq3X5lMkYsatmYqDoiQr_jFD7MfrQ==

GET
H2 200 prebid-responsive-pubmatic.js Show response
townhall.com/resources/js/ 8 KB
3 KB 50ms
20ms Script
application/javascript 2606:4700::6812:d25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://townhall.com/resources/js/prebid-responsive-pubmatic.js?v=4.17.0
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7fb6d42e0895120606ac20bdca1b11273c1dca07402ba16d332ca7b29612429d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Jun 2022 16:43:48 GMT
server: cloudflare
age: 1012
x-powered-by: ASP.NET
etag: W/"4bcfe0186977d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
x-soup: no
cf-ray: 735938cacdaf6997-FRA
expires: Thu, 04 Aug 2022 18:35:33 GMT

GET
H2 200 logo-hotair.svg
cdn.townhall.com/web/thm/ 2 KB
2 KB 67ms
12ms Image
image/svg+xml 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.townhall.com/web/thm/logo-hotair.svg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 93b992c14fdbd8938b07d2dae1398848fb9996a6e7fa2d7ec1535879cfc7b946

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 04 Aug 2022 18:05:33 GMT
last-modified: Tue, 14 Apr 2020 03:11:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: xmyqfFCKFn9y4kVGseibNA==
etag: 0x8D7E02196E10DA6
x-hw: 1659636333.dop212.fr8.t,1659636333.cds154.fr8.hn,1659636333.cds282.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e70dff78-001e-0054-7a93-a24a3d000000
cache-control: max-age=30920513
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 1618

GET
H2 200 subscriptions-badge-vip.svg
cdn.townhall.com/web/thm/ 723 B
917 B 67ms
12ms Image
image/svg+xml 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.townhall.com/web/thm/subscriptions-badge-vip.svg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e6f95a20ad0d4ab6f51386613106c956d1f7d3179417086853c9957025d117b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 04 Aug 2022 18:05:33 GMT
last-modified: Tue, 14 Apr 2020 03:28:27 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: WXOFmzm7VODNBktCEtDS8A==
etag: 0x8D7E023E532E6C3
x-hw: 1659636333.dop212.fr8.t,1659636333.cds154.fr8.hn,1659636333.cds272.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1c68a3d0-d01e-001c-3866-8d91b0000000
cache-control: max-age=28592260
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 723

GET
H2 200 1a4f578a-db95-41e7-99b0-e009dc9f7452-860x475.jpg
media.townhall.com/townhall/reu/o/2018/85/ 63 KB
64 KB 59ms
13ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/o/2018/85/1a4f578a-db95-41e7-99b0-e009dc9f7452-860x475.jpg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: nginx /
Resource Hash: d494aec2cea97e4c22e6527ebc10c9eca4ad5e67f85f18ab73175400642b3033

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
server: nginx
x-img: thmbor3
etag: "a5916de38a970f973329ac49d656ad1d3d02b0c0"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 64956
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1659636333.dop054.fr8.t,1659636333.cds154.fr8.hn,1659636333.cds280.fr8.c

GET
H3 200 email-decode.min.js Show response
hotair.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
937 B 16ms
16ms Script
application/javascript 2606:4700::6812:1d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hotair.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Aug 2022 16:27:01 GMT
server: cloudflare
etag: W/"62e95055-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 735938cafc04bb7a-FRA
vary: Accept-Encoding
expires: Sat, 06 Aug 2022 18:05:33 GMT

GET
H2 200 trending-icon.svg
cdn.townhall.com/web/thm/ 559 B
754 B 67ms
13ms Image
image/svg+xml 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.townhall.com/web/thm/trending-icon.svg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7c09a6a020c5272b7b5990676ab9c02020f080fa1e31f0afea2c3dcb04f21053

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 04 Aug 2022 18:05:33 GMT
last-modified: Wed, 29 Jul 2020 14:48:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: /jRYsx2lIeJPC64HM5PbWw==
etag: 0x8D833CE84746ADD
x-hw: 1659636333.dop212.fr8.t,1659636333.cds154.fr8.hn,1659636333.cds130.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8432ff7f-f01e-006a-564e-614aaa000000
cache-control: max-age=23743907
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 559

GET
H3 200 main.js Show response
hotair.com/dist/ 10 KB
4 KB 17ms
17ms Script
application/javascript 2606:4700::6812:1d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotair.com/dist/main.js?v=uTDbL_BQdlvHD-HQpSM4xbnCNAUecuQxqHf8kQg_d9M
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1d31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b930db2ff050765bc70fe1d0a52338c5b9c234051e72e431a877fc91083f77d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 40
x-powered-by: ASP.NET
x-soup: no
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context: appId=cid-v1:71fb93d9-6e72-4c2c-822e-69b0c80a7a0d
last-modified: Mon, 01 Aug 2022 18:59:52 GMT
server: cloudflare
etag: W/"1d8a5d8e15e6378"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=30
cf-ray: 735938cb0c37bb7a-FRA
expires: Thu, 04 Aug 2022 18:06:03 GMT

GET
H3 200 runtime.js Show response
hotair.com/dist/ 1 KB
1 KB 15ms
15ms Script
application/javascript 2606:4700::6812:1d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotair.com/dist/runtime.js?v=4xFEM9JxDv_G8ojbBJW8G_N5FLtZP46O3vVOW5QTUYQ
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1d31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3114433d2710effc6f288db0495bc1bf37914bb593f8e8edef54e5b94135184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 39
x-powered-by: ASP.NET
x-soup: no
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context: appId=cid-v1:71fb93d9-6e72-4c2c-822e-69b0c80a7a0d
last-modified: Mon, 01 Aug 2022 18:59:52 GMT
server: cloudflare
etag: W/"1d8a5d8e15e41c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=30
cf-ray: 735938cb1c4ebb7a-FRA
expires: Thu, 04 Aug 2022 18:06:03 GMT

GET
H3 200 vendors.js Show response
hotair.com/dist/ 241 KB
81 KB 25ms
25ms Script
application/javascript 2606:4700::6812:1d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotair.com/dist/vendors.js?v=f0BZTjJgWUzvo5VI71aEA-eyB_dHKeCVCQRd3qnATTQ
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1d31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7f40594e3260594cefa39548ef568403e7b207f74729e09509045ddea9c04d34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 39
x-powered-by: ASP.NET
x-soup: no
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context: appId=cid-v1:71fb93d9-6e72-4c2c-822e-69b0c80a7a0d
last-modified: Mon, 01 Aug 2022 18:59:52 GMT
server: cloudflare
etag: W/"1d8a5d8e15d8136"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=30
cf-ray: 735938cb3c7ebb7a-FRA
expires: Thu, 04 Aug 2022 18:06:03 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 59ms
42ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://hotair.com/
Origin: https://hotair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 735938cb5cbe9b3a-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 39ms
6ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zuk7wta&ht=tk&f=139.140.173.174.175.176.25136.25137.6812.6813.6814.6815.6816.6817.6818.6819&a=83695280&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zuk7wta.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 142ms
108ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hotair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 04 Aug 2022 18:05:33 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 43ms
15ms Script
application/javascript 2606:4700:3030::6815:5476
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2282
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: AAASRYWE5Q8JGRJ9
x-amz-id-2: XlvYpdux2+htcCuqdpUiYvwQxbqHB8h5FMetlXe444ZZNM+t6liNrBdxvh4Q8HEi4TrJ32Pxsc4=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMGwKYt%2F9DOzU%2BQ8L5pqGyo4Ysiq3rHDWhnrluq20hUP2a1r%2BzyXtfWmxd9%2FZw6BQCIxKkyEQu3OOGEBJ9EWPX90XsFug2Ge5r5r5OF7535w2A0ias3d71lKi4OgGjH4btO%2F%2BbRIBsxRGqKVyac%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 735938cb6ae9bb80-FRA

POST
H3 200 1a Show response
i.clean.gg/ 0
15 B 138ms
108ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156799/2939/ 208 KB
64 KB 47ms
7ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156799/2939/pwt.js
Requested by: Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ad687eb07a376431adff16996abbf36a0cbe26cc2564d4a5eb4cec208bdf1dc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 23:05:40 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=139079
accept-ranges: bytes
content-type: application/javascript
content-length: 65077
expires: Sat, 06 Aug 2022 08:43:32 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 47ms
7ms Script
application/x-javascript 2600:9000:2057:6200:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:53:36 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 4317
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: nmJQpsPUyXun4n-9Tero4HU4sQhQjTHj3DYvyzh37-WjUuJ97bsjhg==
expires: Thu, 04 Aug 2022 18:53:36 GMT

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/d45b9a/000000000000000077359577/30/ 33 KB
33 KB 28ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d45b9a/000000000000000077359577/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zuk7wta.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ccaac2a8b85879c92bbd73e67512e8e8ab0e719ad0163193081ea6abb20031cc

Request headers

Referer: https://use.typekit.net/zuk7wta.css
Origin: https://hotair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
server: nginx
etag: "f806d2fcac6bea1cced8320378bba8659e3a95e8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33364

GET
H2 200 l
use.typekit.net/af/98e3f6/000000000000000077359562/30/ 33 KB
34 KB 34ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/98e3f6/000000000000000077359562/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zuk7wta.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: af3b3037b84be1ef0f0dfafc75bd30480c05ac2ccda8bee8c9188308a8b81221

Request headers

Referer: https://use.typekit.net/zuk7wta.css
Origin: https://hotair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
server: nginx
etag: "27cd5d037b3d5bcc152de6c7fe0aa3098a381c24"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34148

GET
H2 200 l
use.typekit.net/af/6cc429/00000000000000007735957a/30/ 35 KB
35 KB 23ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6cc429/00000000000000007735957a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zuk7wta.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9c021e60f7e8b7b4ad3672c21529c74f9a1553b36d2131c9b30c73a8aa83ca51

Request headers

Referer: https://use.typekit.net/zuk7wta.css
Origin: https://hotair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
server: nginx
etag: "e32f2e1468d1ab6c324774fe08a8c96298c1ca86"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35416

GET
H2 200 / Show response
rumble.com/embedJS/u4.v16pao9/ 16 KB
7 KB 411ms
135ms Script
application/javascript 172.98.57.101
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embedJS/u4.v16pao9/?url=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&args=%5B%22play%22%2C%7B%22video%22%3A%22v16pao9%22%2C%22div%22%3A%22rumble_v16pao9%22%7D%5D

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.101 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

7125eb3156aa718ab08b492f4c66b784e235db87b02f0513d32a7b2cd26f7480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
vary: Accept-Encoding
server: nginx
link: <https://rumble.com/v19bglr-gaetz-on-fox-news-why-is-bidens-irs-buying-over-725000-worth-of-ammo.html>; rel="canonical"
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-type: application/javascript;charset=utf-8

GET
H2 200 a1e48c26-96cb-46bb-a2cb-7875ccaf0d91.jpg
media.townhall.com/townhall/reu/ha/2022/171/ 30 KB
30 KB 37ms
24ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/ha/2022/171/a1e48c26-96cb-46bb-a2cb-7875ccaf0d91.jpg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: nginx /
Resource Hash: ec81fe9e874d1c5153350976a9aca25740aca011e40a3bdf0d128acb86594128

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
server: nginx
x-img: thmbor3
etag: "8a470e870da4b5c877505246b8983115ba16d4af"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 30876
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1659636333.dop054.fr8.t,1659636333.cds154.fr8.hn,1659636333.cds284.fr8.c

GET
H2 200 cruz1.jpg
twitchy.com/wp-content/uploads/2022/08/ 20 KB
21 KB 52ms
25ms Image
image/webp 2606:4700::6812:8ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twitchy.com/wp-content/uploads/2022/08/cruz1.jpg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:8ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a44035ce00fee6265dedcd2dd4a5ae1cddfb21d63de44db541b57dda35cde83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
cf-cache-status: HIT
age: 1217
cf-polished: qual=85, origFmt=jpeg, origSize=22997
x-img: tmbor-2
content-disposition: inline; filename="cruz1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20812
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "dfcb1a3985b2f470b300e3c90b1faac827f49dec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 735938cba82b9b92-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Thu, 18 Aug 2022 18:05:33 GMT

GET
H2 200 a81e8d0a-6d36-4bde-bed0-c59a7ea2fc8e.jpg
media.townhall.com/townhall/reu/ha/2022/55/ 36 KB
36 KB 25ms
24ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/ha/2022/55/a81e8d0a-6d36-4bde-bed0-c59a7ea2fc8e.jpg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: nginx /
Resource Hash: 93f15ee3b218f40b92cdf6b380b341fa98af082cd56d0293aee7814bef55f53d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
server: nginx
x-img: thmbor3
etag: "004af3ac068bb79c1f155d4658218b2dfd49b64a"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 36493
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1659636333.dop054.fr8.t,1659636333.cds154.fr8.hn,1659636333.cds158.fr8.c

GET
H2 200 DeSantis-suspends-state-attorney.png
pjmedia.com/wp-content/uploads/2022/08/ 87 KB
88 KB 52ms
19ms Image
image/jpeg 2606:4700::6812:132b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pjmedia.com/wp-content/uploads/2022/08/DeSantis-suspends-state-attorney.png
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:132b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c726b589f4fab5fd06d9d8dff114e1cd26ce9dc101a5bcdd51795467940a4d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
cf-cache-status: HIT
age: 2870
cf-polished: origSize=96904, status=webp_bigger
x-img: tmbor1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88987
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "30a0a0c1ab38827ef8e47d0a38adef18bd20550d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 735938cbba665b80-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Thu, 04 Aug 2022 19:05:33 GMT

GET
H2 200 l
use.typekit.net/af/5033af/0000000000000000000151d3/27/ 69 KB
69 KB 8ms
6ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5033af/0000000000000000000151d3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zuk7wta.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 663e2c3cbc67436bcfdccb9ca092ca7dd0919b3669f6518e4987b04b82aa0bfd

Request headers

Referer: https://use.typekit.net/zuk7wta.css
Origin: https://hotair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
server: nginx
etag: "36ef5fe6cf3f1533005eeb18ef6ce81405543c0c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 70212

GET
H2 200 l
use.typekit.net/af/1286c7/0000000000000000000151d6/27/ 57 KB
58 KB 12ms
11ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1286c7/0000000000000000000151d6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zuk7wta.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 83f3ec53457478fe250edf30ef521989ba9411c189fa834c00eae110fbec00ef

Request headers

Referer: https://use.typekit.net/zuk7wta.css
Origin: https://hotair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
server: nginx
etag: "f488c7750417f1f36e44ede4b6fafd7afbeba6eb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 58816

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ 10 KB
10 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@400&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hotair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 23:13:37 GMT
x-content-type-options: nosniff
age: 240716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 23:13:37 GMT

GET
H2 200 l
use.typekit.net/af/e4b1a9/000000000000000077359571/30/ 32 KB
33 KB 14ms
13ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e4b1a9/000000000000000077359571/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zuk7wta.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2ad1a3ce85195c70b579486b5b5b7721a42a5613b35e4a96e68a2d95bced9a3a

Request headers

Referer: https://use.typekit.net/zuk7wta.css
Origin: https://hotair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
server: nginx
etag: "b10a19accac4d75934ead3e517526b740bdb5a2c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33156

GET
H2 200 logo-townhall.svg
cdn.townhall.com/web/thm/ 3 KB
3 KB 13ms
12ms Image
image/svg+xml 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.townhall.com/web/thm/logo-townhall.svg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8da3c0e66327145dcaa5fc49e22bbbf34fba70cfea77241bc1c31d8f75210712

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 04 Aug 2022 18:05:33 GMT
last-modified: Tue, 14 Apr 2020 03:11:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: KuVyXvE+AUqcrnVqZe2lpQ==
etag: 0x8D7E02196E21F50
x-hw: 1659636333.dop212.fr8.t,1659636333.cds154.fr8.hn,1659636333.cds289.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8432fa6c-f01e-006a-074e-614aaa000000
cache-control: max-age=23743904
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 3341

GET
H2 200 logo-redstate.svg
cdn.townhall.com/web/thm/ 3 KB
3 KB 13ms
12ms Image
image/svg+xml 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.townhall.com/web/thm/logo-redstate.svg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 597f392578cf4e3146a885054c43e74c31cfe4387263ef4944aec9e49b477f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 04 Aug 2022 18:05:33 GMT
last-modified: Tue, 14 Apr 2020 03:11:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ikQrCN1PUDNzFhqB0LTnEg==
etag: 0x8D7E02196E1F834
x-hw: 1659636333.dop212.fr8.t,1659636333.cds154.fr8.hn,1659636333.cds052.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: dc6efe1f-e01e-0004-6e4e-6109b7000000
cache-control: max-age=23743901
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 2736

GET
H2 200 logo-pjmedia.svg
cdn.townhall.com/web/thm/ 1 KB
1 KB 13ms
12ms Image
image/svg+xml 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.townhall.com/web/thm/logo-pjmedia.svg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2d372e05edbda96f8861de0a8af67c408abfc10e3d198d0e464a2bd3d6f1f78c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 04 Aug 2022 18:05:33 GMT
last-modified: Tue, 14 Apr 2020 03:11:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 4y1mWlbEScDkUAS6XWinGw==
etag: 0x8D7E02196E26D85
x-hw: 1659636333.dop212.fr8.t,1659636333.cds154.fr8.hn,1659636333.cds252.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: fe3abe73-a01e-0006-6f4e-6104da000000
cache-control: max-age=23743901
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 1335

GET
H2 200 logo-twitchy.svg
cdn.townhall.com/web/thm/ 3 KB
4 KB 13ms
12ms Image
image/svg+xml 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.townhall.com/web/thm/logo-twitchy.svg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1ddd43c554ea3a1361dd9ae2fa3554d105644c70f4a9c5ce42a64ecfa7be1e0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 04 Aug 2022 18:05:33 GMT
last-modified: Tue, 14 Apr 2020 03:11:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: Abjge53m+oUdzNjj6xxrTw==
etag: 0x8D7E02196E10DA6
x-hw: 1659636333.dop212.fr8.t,1659636333.cds154.fr8.hn,1659636333.cds213.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c5ce83fe-201e-0005-6c98-8df7ba000000
cache-control: max-age=466185
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 3409

GET
H2 200 logo-bearingarms.svg
cdn.townhall.com/web/thm/ 44 KB
44 KB 23ms
22ms Image
image/svg+xml 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.townhall.com/web/thm/logo-bearingarms.svg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2c7c167e8b508ff6db909ad574209b8659a5a203fcc1fd8ff6e299e1e141c7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 04 Aug 2022 18:05:33 GMT
last-modified: Tue, 14 Apr 2020 03:11:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 13J7HnEbtuf4UiINbmI3gg==
etag: 0x8D7E02196E3F478
x-hw: 1659636333.dop212.fr8.t,1659636333.cds154.fr8.hn,1659636333.cds013.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 3d494ad7-f01e-006c-654e-61ac6b000000
cache-control: max-age=23743901
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 45148

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
2 KB 53ms
25ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=OnyZMk8rii

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d677cb7745ced99f8b374bd5ac193ed88e8e7970acfec4cd7b176030a99cb1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 928
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Mhvq3grhFAW
wn: prod-exp-10-0-132-40
last-modified: Thu, 04 Aug 2022 17:50:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 735938cc4dea9171-FRA
expires: Thu, 04 Aug 2022 18:35:33 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b39e4ea3efb18868330d6b6c67bab86370198a8210e206bba2b294da9f620745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28611
x-xss-protection: 0
server: sffe
etag: "1294 / 987 of 1000 / last-modified: 1659611335"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Aug 2022 18:05:33 GMT

GET
H2 200 prebid-4.17.0.js Show response
townhall.com/resources/js/ 273 KB
86 KB 24ms
24ms Script
application/javascript 2606:4700::6812:d25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5
Requested by: Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bd91ae53704f04f831a3e8cdf770bc5b9a1bfad5217b7bedddee29523e507922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 May 2022 17:00:09 GMT
server: cloudflare
age: 3025
x-powered-by: ASP.NET
etag: W/"ace1638fc66ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
x-soup: no
cf-ray: 735938cc1fd46997-FRA
expires: Thu, 04 Aug 2022 18:35:33 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 290ms
94ms Image
image/gif 52.72.58.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=hotair.com&p=%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358&u=C_bCH8bfzZb-WHen&d=hotair.com&g=14482&g0=The%20Blog&g1=Jazz%20Shaw&n=1&f=00001&c=0&x=0&m=0&y=3838&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1420&_c=nl&_m=email&_x=hadaily&t=rAhjutjTJzBLjiXcnqUxaD5PAVg&V=136&i=The%20IRS%20has%205%20million%20rounds%20of%20ammo%20for%20some%20reason%20%E2%80%93%20HotAir&tz=0&sn=1&sv=2PXWq7EO9NBDkQeBBD5Z_oBLusmB&sd=1&im=067b0cff&_
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.58.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-58-170.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:33 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

OPTIONS
H/1.1 200
OK envelope
tk.amazon-adsystem.com/ Frame 0
0 190ms
30ms Preflight
text/plain 18.200.116.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tk.amazon-adsystem.com/envelope
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.116.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-116-66.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hotair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
Allow: POST, OPTIONS
Content-Length: 13
Content-Type: text/plain
Date: Thu, 04 Aug 2022 18:05:32 GMT
Server: Apache-Coyote/1.1

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
1 KB 8ms
7ms XHR
application/json 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3281&u=https%3A%2F%2Fhotair.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 120ae5c5baea88cee37fc679c53a6839a09e464168ca7583908facbbacb96d88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 15:30:30 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
server: Server
age: 9303
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://hotair.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-length: 1174
x-amz-cf-id: GbrN766B_TznH4fUtLW8KPozmGKacMxJ5ucjrfOwC2Ve2WIKak7Hiw==

POST
H/1.1 200
OK envelope Show response
tk.amazon-adsystem.com/ 44 B
256 B 31ms
30ms XHR
application/json 18.200.116.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tk.amazon-adsystem.com/envelope
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.116.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-116-66.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 2a26b23b60bf6d059c32bf52320ad44aa86bbfbd2620cf8f201e5abedb7af27d

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 04 Aug 2022 18:05:32 GMT
Server: Apache-Coyote/1.1
Content-Length: 44
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
529 B 60ms
60ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3281&u=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&pid=ta1hlF3hnFsEj&cb=0&ws=1600x1200&v=8.1.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-728x90_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F6177%2Fslm.hotair%2Farticles%2F728x90_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-300x250_4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6177%2Fslm.hotair%2Farticles%2F300x250_4%22%7D%2C%7B%22sd%22%3A%22div-gpt-300x250_5%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6177%2Fslm.hotair%2Farticles%2F300x250_5%22%7D%2C%7B%22sd%22%3A%22div-gpt-300x250_6%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6177%2Fslm.hotair%2Farticles%2F300x250_6%22%7D%2C%7B%22sd%22%3A%22div-gpt-300x250_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6177%2Fslm.hotair%2Farticles%2F300x250_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-300x250_2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6177%2Fslm.hotair%2Farticles%2F300x250_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-300x250_3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6177%2Fslm.hotair%2Farticles%2F300x250_3%22%7D%2C%7B%22sd%22%3A%22div-gpt-300x250_sticky%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6177%2Fslm.hotair%2Farticles%2F300x250_sticky%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: JNSD7QTAQH7D9EVS705D
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://hotair.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: qLsmzjpGdVS8AqtdVxG_fFo_LSRigUYbkbwhtS-DM9WkGlS7AZ5JyQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 23ms
8ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 22:19:24 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 71170
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: Z3yPGVpiG4Eaj3gk8vRI4yt7Hi-gAPmk3aYUMbgoeD93ZWS66XIniw==

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
1 KB 107ms
31ms Script
text/html 63.35.106.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=102424&t=rc_335&c=1659636333529&width=1600&referer=&is_blocked=false

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.106.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-106-166.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

7d7a3779422efc11707cc1450ebd87a512bd524dc0da4f424c9e2831d97baca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hotair.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 1263

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
72 KB 38ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VJM6PCZB0L&l=dataLayer&cx=c

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2dacfb720cbf827b9972351d40843eb584345dcc406e3eb3c21054ba4aecace3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73704
x-xss-protection: 0
expires: Thu, 04 Aug 2022 18:05:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3576
date: Thu, 04 Aug 2022 17:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 04 Aug 2022 19:05:57 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
37 KB 37ms
7ms Script
application/x-javascript 99.86.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding: gzip
etag: W/"148e21f812b555a13b2a9c6b616141f4"
age: 36426
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
date: Thu, 04 Aug 2022 07:58:28 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA6-C1
content-type: application/x-javascript
x-amz-cf-id: ldKJ2yJXzvib22lcK06H5wQDOCfHvQXmrlr4MsGSLZYgcKs8gWc76w==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 42 KB
12 KB 41ms
16ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 1177
x-amz-server-side-encryption: AES256
x-amz-request-id: TVF782FV7TZY6CH4
x-amz-id-2: 7D3RDY2KXlNuubAjVgxfi2TldcadQqrytJ4TPQLHf0w1minTGkXl7WZzmfTaBAnySvGJeXMbYs4=
last-modified: Wed, 27 Jul 2022 15:06:46 GMT
server: cloudflare
etag: W/"a49d5e2684c7e5d488d526ca41c2f3e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 735938ccdeb4926d-FRA

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 304 KB
89 KB 33ms
24ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f24efb6fd73babf6bb134d6d93dee2e43cf609e4fa3d55cd51f18095480863f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11299
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: Q0B7YBWXEMT2BY5E
x-amz-id-2: rhS7nQZ/XI15ZvbJnrxwXLuxpRVde5nIJKpUXEEmHqPO4sADSjfs9N7kk967vqvavLtrSPg88sI=
last-modified: Wed, 27 Jul 2022 14:28:44 GMT
server: cloudflare
etag: W/"b2abf213adb145cc61c1658cae472509"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 735938ccbed69171-FRA
expires: Thu, 04 Aug 2022 22:05:33 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
1 KB 189ms
121ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7685&site_id=248900&zone_id=1232020&size_id=2&alt_size_ids=57&eid_pubcid.org=5836fa49-00ee-4076-a67a-9f4f93c7689f%5E1&rf=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&tk_flint=pbjs_lite_v4.17.0&x_source.tid=a41a1abd-09fa-4298-bcf1-54c76a4283c2&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6322471691915865
Requested by: Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ce0cd401ae6129311bfe955444e97eb740425802fb63bbf1c56a8e143526cfca

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 18:05:33 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hotair.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 104ms
36ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7685&site_id=248900&zone_id=1232020&size_id=15&eid_pubcid.org=5836fa49-00ee-4076-a67a-9f4f93c7689f%5E1&rf=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&tk_flint=pbjs_lite_v4.17.0&x_source.tid=3afef695-4247-432b-a7f2-3097eab8885d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6170309501926554
Requested by: Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 44d961f1ee0f411bb3cc1fcc720ae31db2b0c5562e0d5394cf786b4033ba040d

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 18:05:33 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hotair.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 191ms
122ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7685&site_id=248900&zone_id=1232020&size_id=15&eid_pubcid.org=5836fa49-00ee-4076-a67a-9f4f93c7689f%5E1&rf=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&tk_flint=pbjs_lite_v4.17.0&x_source.tid=7d9a6b37-2148-42cb-a537-bbad9827432d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7732534379988398
Requested by: Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 750e1a0ad391bf5f57b5828d9968e97d4b5307b3f6703985097566ee82223428

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 18:05:33 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hotair.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 107ms
38ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7685&site_id=248900&zone_id=1232020&size_id=15&eid_pubcid.org=5836fa49-00ee-4076-a67a-9f4f93c7689f%5E1&rf=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&tk_flint=pbjs_lite_v4.17.0&x_source.tid=9ebb4af2-00a6-4215-8dac-d083aa8b6c59&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.18324774081552175
Requested by: Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4f8578ca9067ea23a6b402c2f3db9acdc70d42c344b24414a68a8f80bda60be8

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 18:05:33 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hotair.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 129ms
58ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7685&site_id=248900&zone_id=1232020&size_id=15&eid_pubcid.org=5836fa49-00ee-4076-a67a-9f4f93c7689f%5E1&rf=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&tk_flint=pbjs_lite_v4.17.0&x_source.tid=645183cb-8d64-4b15-87e9-4c779bbc0fae&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2511801325447307
Requested by: Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 89fcb0ca03593684ca831149575e7acd375dcac83274d5aeca2883f2f9feead1

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 18:05:33 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hotair.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 107ms
36ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7685&site_id=248900&zone_id=1232020&size_id=15&eid_pubcid.org=5836fa49-00ee-4076-a67a-9f4f93c7689f%5E1&rf=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&tk_flint=pbjs_lite_v4.17.0&x_source.tid=8b4fa159-4252-44f1-ba8e-2ea38e8e7b2b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9799016213490277
Requested by: Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 69b48abad818bc8b1fd5306b128028aec77f8ba718bd3c99dacd14a44db9b5b5

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 18:05:33 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hotair.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 151ms
48ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7685&site_id=248900&zone_id=1232020&size_id=15&eid_pubcid.org=5836fa49-00ee-4076-a67a-9f4f93c7689f%5E1&rf=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&tk_flint=pbjs_lite_v4.17.0&x_source.tid=b43f219f-b799-444d-a58f-a6c86a25c5f7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.012416806876675457
Requested by: Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 086bf13b26a154d573770a63f2a136d917d58d10a066bc26eef71f5ab597cd0b

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 18:05:33 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hotair.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 156ms
49ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7685&site_id=248900&zone_id=1232020&size_id=15&eid_pubcid.org=5836fa49-00ee-4076-a67a-9f4f93c7689f%5E1&rf=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&tk_flint=pbjs_lite_v4.17.0&x_source.tid=74185d13-ec15-4446-9730-eb0d7cdfadc9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5761422414963735
Requested by: Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0fe9a85e105dbef3b820a0218cef3ad256ee7e85e10e948397240aa947c9a066

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 18:05:33 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://hotair.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 87ms
42ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hotair.com
date: Thu, 04 Aug 2022 18:05:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 93 B
739 B 151ms
73ms XHR
application/json 216.52.2.19
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.17.0
Requested by: Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 6bce42fd456713163cfad40082ef86cc0055981e3fa9c8e4ea0e512d258f52cf

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 04 Aug 2022 18:05:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://hotair.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 97

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
212 B 52ms
14ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.17.0&cb=69378267420

Requested by

Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://hotair.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 95 KB
22 KB 275ms
240ms XHR
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: townhall.com
URL: https://townhall.com/resources/js/prebid-4.17.0.js?t=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31c3edd8584a00741847ee769f32d5bc8f48293cfd60b33314ac5297818eacb0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 04 Aug 2022 18:05:33 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: da373ac3-284e-4d32-9915-da12c002cafe
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://hotair.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pubads_impl_2022080101.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 43ms
8ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

a5910455615630589802ca15818aa163322871e6468f06a3660c53d6ab2936bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 17:24:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132749
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 16:11:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Aug 2023 17:24:05 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 77 B
706 B 61ms
28ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hotair.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b5ba97835894fd8056a32518f7fd51656b7f77c85416a4a2dc2ca5843feb4f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70
x-xss-protection: 0
expires: Thu, 04 Aug 2022 18:05:33 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1740547684&t=pageview&_s=1&dl=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&ul=en-us&de=UTF-8&dt=The%20IRS%20has%205%20million%20rounds%20of%20ammo%20for%20some%20reason%20%E2%80%93%20HotAir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1844792979&gjid=1836784334&cid=337887318.1659636334&tid=UA-2595430-1&_gid=1104703566.1659636334&_r=1&gtm=2ou830&cd7=free&z=286498037

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hotair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
596 B 44ms
7ms Fetch
application/json 143.204.215.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-111.fra53.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 02:04:22 GMT
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront), 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
age: 57671
x-amzn-requestid: a7cc3f9e-999b-4456-b5ab-89c73c92f35e
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62eb2926-01bd4fe8347bae5039b6d5e0;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA53-C1
x-amz-apigw-id: WUNeBHODjoEFmhQ=
content-length: 30
x-amz-cf-id: kV_RRvs_8SANM4z1wTT5q9IiylgUgTzG1BemVL5z9aLgRRuK_TSjXA==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H2 204 collect
region1.google-analytics.com/g/ 0
343 B 60ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VJM6PCZB0L&gtm=2oe830&_p=1740547684&_z=ccd.v9B&cid=337887318.1659636334&ul=en-us&sr=1600x1200&_s=1&sid=1659636333&sct=1&seg=0&dl=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&dt=The%20IRS%20has%205%20million%20rounds%20of%20ammo%20for%20some%20reason%20%E2%80%93%20HotAir&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJM6PCZB0L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hotair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
412 B 143ms
133ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=OnyZMk8rii

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfafa90ff2e4f6fadb101ba8d02f7450d086776db90f646d30ed278cf3d9d368

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: M9lr3grLkWL
pragma
wn: prod-dash-10-0-115-187
last-modified: Thu, 04 Aug 2022 17:57:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.005
cache-control: public, max-age=1200
cf-ray: 735938cd88269171-FRA
expires: Thu, 04 Aug 2022 18:25:33 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 301ms
12ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 18:05:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 19:29:56 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5964
Expires: Thu, 04 Aug 2022 19:05:33 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
324 B 32ms
8ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31532337.ip-162-19-138.eu
Software: /
Resource Hash: e9cbd901ff637c1ed78d85763b91a0368df6528a314e7fd178a9520c2d5006a7

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hotair.com
date: Thu, 04 Aug 2022 18:05:33 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 53ms
17ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2595430-1&cid=337887318.1659636334&jid=1844792979&gjid=1836784334&_gid=1104703566.1659636334&_u=YEBAAUAAAAAAAC~&z=267661343

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 04 Aug 2022 18:05:33 GMT
content-type: text/plain
access-control-allow-origin: https://hotair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 915.json Show response
id5-sync.com/g/v2/ 212 B
616 B 33ms
9ms XHR
application/json 141.95.98.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/915.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.70 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216620.ip-141-95-98.eu

Software

Resource Hash

9050bee79013777c1bc573d0bd8f41c7d71bdbbb453b68d65a5eec72298bd669

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hotair.com
date: Thu, 04 Aug 2022 18:05:32 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 195 B
956 B 137ms
127ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jsonp56&client_id=OnyZMk8rii&site=https%3A%2F%2Fhotair.com

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e363d9f4bdf601b92b67bc0dd1f77f325a977951d67e227d719d5ee4cb98cb84

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: M9lr3grpoAc
pragma: no-cache
wn: prod-id-10-0-91-109
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.003
cf-ray: 735938cde8ec9171-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 105 KB
106 KB 480ms
479ms XHR
text/javascript 63.35.106.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=102424&t=rc_335&c=1659636333529&width=1600&is_blocked=false&site_url=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&referer=&skip_iab=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=102424&t=rc_335&c=1659636333529&width=1600&referer=&is_blocked=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.106.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-106-166.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

66a4918c7b403189c9a1a514af2525058f10e2bf7a27bd2e1f4640bafa2341ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://hotair.com
date: Thu, 04 Aug 2022 18:05:34 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/javascript; charset=utf-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 54ms
32ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2595430-1&cid=337887318.1659636334&jid=1844792979&_u=YEBAAUAAAAAAAC~&z=971918262

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 68ms
31ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2595430-1&cid=337887318.1659636334&jid=1844792979&_u=YEBAAUAAAAAAAC~&z=971918262

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ 74 KB
27 KB 139ms
139ms Script
application/javascript 172.98.57.101
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=321

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.101 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

2437e08626b53d5e480929b98e0781fc609d077cc5dc710534e128d7016ea7b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
content-encoding: br
last-modified: Thu, 07 Jul 2022 15:37:06 GMT
server: nginx
etag: W/"62c6fda2-12988"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 pxxIe.OvCc.1.jpg
sp.rmbl.ws/s8/6/p/x/x/I/ 34 KB
34 KB 48ms
12ms Image
image/jpeg 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/6/p/x/x/I/pxxIe.OvCc.1.jpg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9afa704e1ea3f4371018a5c1843ae5f33e86f5bd65149a5f618cd2ea98b46bc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
last-modified: Wed, 22 Jun 2022 00:16:15 GMT
server: nginx
etag: "ed772ed15a6b463ddfe3866f6b712642"
x-hw: 1659636333.cds205.fr8.hn,1659636333.cds229.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=29573
accept-ranges: bytes
content-length: 34453

GET
H2 206 pxxIe.caa.mp4
sp.rmbl.ws/s8/2/p/x/x/I/ 422 KB
0 50ms
19ms Media
video/mp4 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/p/x/x/I/pxxIe.caa.mp4?u=0&b=0
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://hotair.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 04 Aug 2022 18:05:33 GMT
last-modified: Wed, 22 Jun 2022 00:16:04 GMT
server: nginx
access-control-allow-origin: *
etag: "351cfc69912070e38fa4a1c72b01c6ca"
x-hw: 1659636333.cds205.fr8.hn,1659636333.cds154.fr8.c
content-type: video/mp4
Content-Range: bytes 0-22836068/22836069
cache-control: max-age=29573
accept-ranges: bytes
Content-Length: 22836069

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 6 KB
3 KB 149ms
118ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=OnyZMk8rii

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73b580631e4fdfa713c34ed5467ce6eadcb6bfc2551b0221a51630c949246a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: dsm3pbg9c3
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://hotair.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 735938ceeed09153-FRA

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 83 KB
27 KB 13ms
13ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b6864bdada069d9e3cee16d090651eb942cd22f5bca55d5a37802a092cdbf97c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 18:05:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Aug 2022 12:28:01 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26873
Expires: Thu, 04 Aug 2022 19:05:33 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame E776 684 B
749 B 27ms
26ms Document
text/html 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://hotair.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Thu, 04 Aug 2022 18:05:34 GMT
Expires: Sun, 14 Aug 2022 18:05:34 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1740547684&t=pageview&_s=1&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu4.v16pao9%2F&dr=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&ul=en-us&de=UTF-8&dt=The%20IRS%20has%205%20million%20rounds%20of%20ammo%20for%20some%20reason%20%E2%80%93%20HotAir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=91085952&gjid=1793478113&cid=337887318.1659636334&tid=UA-44331619-1&_gid=1104703566.1659636334&_r=1&_slc=1&z=1386716319

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hotair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 view...16pao9.1mjiih8
rumble.com/l/ 35 B
191 B 131ms
130ms Ping
image/gif 172.98.57.101
RUMBLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...16pao9.1mjiih8?p=2.3&r=102068167&ref=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.98.57.101 , Canada, ASN399647 (RUMBLE, CA),

Reverse DNS

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 04 Aug 2022 18:05:34 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 375 KB
125 KB 68ms
24ms Script
text/javascript 2a00:1450:400e:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36b3a9329f9cac3bcf2923866e0441b90ea2b65c6b477bee86ecc31c8464674a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127666
x-xss-protection: 0
expires: Thu, 04 Aug 2022 18:05:34 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1740547684&t=event&_s=2&dl=https%3A%2F%2Frumble.com%2FembedJS%2Fu4.v16pao9%2F&dr=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&ul=en-us&de=UTF-8&dt=The%20IRS%20has%205%20million%20rounds%20of%20ammo%20for%20some%20reason%20%E2%80%93%20HotAir&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Embed&ea=View&el=v16pao9&_u=aEDAAUABAAAAAC~&jid=&gjid=&cid=337887318.1659636334&tid=UA-44331619-1&_gid=1104703566.1659636334&z=436897272

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 05:52:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43987
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame E776 83 KB
27 KB 13ms
13ms Script
application/x-javascript 2a02:26f0:6c00:2bf::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b6864bdada069d9e3cee16d090651eb942cd22f5bca55d5a37802a092cdbf97c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 04 Aug 2022 18:05:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Aug 2022 12:28:01 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26873
Expires: Thu, 04 Aug 2022 19:05:34 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 51ms
17ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44331619-1&cid=337887318.1659636334&jid=91085952&gjid=1793478113&_gid=1104703566.1659636334&_u=aEDAAUABAAAAAC~&z=1824135942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 04 Aug 2022 18:05:34 GMT
content-type: text/plain
access-control-allow-origin: https://hotair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 9 KB
5 KB 137ms
95ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22neighborRemovalKeys%22%3A%5B%22id%22%5D%2C%22neighbors%22%3A%5B%5D%2C%22categories%22%3A%7B%22testgroup%22%3A%2293%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2293%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6%22%7D%2C%22widgetId%22%3A%2293f40527264e3a734d9283a56310884fd9e29811%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l6fcmese5vzcjpdp%22%7D%7D%2C%22prnd%22%3A%22l6fcmese6vcdfbd3%22%7D&media=javascript&sid=1138588360591687579&widgetId=93f40527264e3a734d9283a56310884fd9e29811&experienceId=EXIO3RTI8YOF&trackingId=%7Bkpdx%7DAAAAvgkLm8_zagoKT255Wk1rOHJpaRIQbDZmY21lc2U2dmNkZmJkMxoMRVhJTzNSVEk4WU9GIiUxODA1NzhvMGRjLTAwMDAzMGphMTJ1cGNqb24xOGFtdW9yNzAwKiBzaG93UmVjb21tZW5kYXRpb25zSjRMNTNVSDBGUjJNOVISdi1rAPAvaDZ0YmkyaXg1WiQyYTAyOjZlYTA6YzcxYjowOjEwMTI6YWZiYjpiMDhmOmU1MjdiA2R3Y2jtt7WXBnABeBg&resizeToContentSize=true&useSecureUrls=true&usi=l6fcmese5vzcjpdp&rnd=424195297&prnd=l6fcmese6vcdfbd3&tzo=0&experienceId=EXIO3RTI8YOF&callback=cXJsonpCBl6fcmf44lukomdl8

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

737bc3af4ac3bb326d8c453eec91692fc69c3e06efa07ef5afb0f7579dbc9283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 4338
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 85ms
26ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hotair.com

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 66ms
18ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hotair.com

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 435ms
419ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=820430065125164&correlator=1852144792872441&eid=31068457%2C31068630%2C31068742%2C42531606&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=6177%2Cslm.hotair%2Carticles%2C728x90_1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%7C970x90%7C1x1&ifi=1&adks=1791733259&didk=2033464262&sfv=1-0-38&fsapi=false&prev_scp=pos%3D728x90_1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=postType%3Dfree&sc=1&cookie_enabled=1&abxe=1&dt=1659636334133&lmt=1659636333&dlt=1659636333215&idt=497&adxs=436&adys=89&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&frm=20&vis=1&psz=1600x90&msz=1600x90&fws=4&ohw=1600&ga_vid=337887318.1659636334&ga_sid=1659636334&ga_hid=1740547684&ga_fc=true&ga_cid=1104703566.1659636334&cbidsp=Cn4IARIOCgdydWJpY29uEMcBIAISDgoIcHVibWF0aWMQeCACEgwKBXNvdnJuEJ4BIAISDAoGY3JpdGVvEGogAhIPCghhcHBuZXh1cxCCBCACGAIiJGE0MWExYWJkLTA5ZmEtNDI5OC1iY2YxLTU0Yzc2YTQyODNjMioCCANAuBc.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ce63f1fb9a39c14d643725d204327d26b83f375c109a14bd702f9b2232bbe82b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10811
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hotair.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
11 KB 1699ms
1682ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=820430065125164&correlator=1852144792872441&eid=31068457%2C31068630%2C31068742%2C42531606&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=6177%2Cslm.hotair%2Carticles%2C300x250_4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=2&adks=3118629930&didk=2082246077&sfv=1-0-38&fsapi=false&prev_scp=pos%3D300x250_4%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D474054488ba04a7%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D474054488ba04a7%26hb_bidder%3Dappnexus&eri=1&cust_params=postType%3Dfree&sc=1&cookie_enabled=1&abxe=1&dt=1659636334138&lmt=1659636333&dlt=1659636333215&idt=497&adxs=172&adys=1186&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&frm=20&vis=1&psz=816x250&msz=816x250&fws=4&ohw=1600&ga_vid=337887318.1659636334&ga_sid=1659636334&ga_hid=1740547684&ga_fc=true&ga_cid=1104703566.1659636334&cbidsp=CtACCAESDgoHcnViaWNvbhDHASACEg4KCHB1Ym1hdGljEHggAhIMCgVzb3ZybhCeASACEgwKBmNyaXRlbxBqIAIS4AEKCGFwcG5leHVzEIAEGs4BCg80NzQwNTQ0ODhiYTA0YTcQpeIBGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0IhJoYl9iaWRkZXJfYXBwbmV4dXMiEGhiX2FkaWRfYXBwbmV4dXMiDmhiX3BiX2FwcG5leHVzIhBoYl9zaXplX2FwcG5leHVzIhJoYl9zb3VyY2VfYXBwbmV4dXMiEmhiX2Zvcm1hdF9hcHBuZXh1cygBOgYIrAIQ-gEgARgCIiQzYWZlZjY5NS00MjQ3LTQzMmItYTdmMi0zMDk3ZWFiODg4NWQqAggDQLgX

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c0a8da59d5e2b5b4f285a514114b3ead82b671f27bbec17bad7cb129cd731f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11500
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hotair.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
11 KB 1979ms
1962ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=820430065125164&correlator=1852144792872441&eid=31068457%2C31068630%2C31068742%2C42531606&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=6177%2Cslm.hotair%2Carticles%2C300x250_5&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=3&adks=4084721817&didk=2082246074&sfv=1-0-38&fsapi=false&prev_scp=pos%3D300x250_5%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.05%26hb_adid_appnexus%3D485cdc5908e40bb%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D485cdc5908e40bb%26hb_bidder%3Dappnexus&eri=1&cust_params=postType%3Dfree&sc=1&cookie_enabled=1&abxe=1&dt=1659636334141&lmt=1659636333&dlt=1659636333215&idt=497&adxs=172&adys=2057&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&frm=20&vis=1&psz=816x250&msz=816x250&fws=4&ohw=1600&ga_vid=337887318.1659636334&ga_sid=1659636334&ga_hid=1740547684&ga_fc=true&ga_cid=1104703566.1659636334&cbidsp=CtACCAESDgoHcnViaWNvbhDHASACEg4KCHB1Ym1hdGljEHggAhIMCgVzb3ZybhCeASACEgwKBmNyaXRlbxBqIAIS4AEKCGFwcG5leHVzEIEEGs4BCg80ODVjZGM1OTA4ZTQwYmIQ1L4DGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0IhJoYl9iaWRkZXJfYXBwbmV4dXMiEGhiX2FkaWRfYXBwbmV4dXMiDmhiX3BiX2FwcG5leHVzIhBoYl9zaXplX2FwcG5leHVzIhJoYl9zb3VyY2VfYXBwbmV4dXMiEmhiX2Zvcm1hdF9hcHBuZXh1cygBOgYIrAIQ-gEgARgCIiQ3ZDlhNmIzNy0yMTQ4LTQyY2ItYTUzNy1iYmFkOTgyNzQzMmQqAggDQLgX

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7a828ffbfd0f178e572076fd92dc0081b059c35ff6a93248fbe14444d3e6e6e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11298
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hotair.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 2674ms
2658ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b82cd968ee92ae9a20be452c2ab92c67c81c4a2447013d0e7d6a430af427af07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10896
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hotair.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 710ms
694ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=820430065125164&correlator=1852144792872441&eid=31068457%2C31068630%2C31068742%2C42531606&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=6177%2Cslm.hotair%2Carticles%2C300x250_1&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=5&adks=3952526529&didk=2082246078&sfv=1-0-38&fsapi=false&prev_scp=pos%3D300x250_1%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D491bd2000eb43fb%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D491bd2000eb43fb%26hb_bidder%3Dappnexus&eri=1&cust_params=postType%3Dfree&sc=1&cookie_enabled=1&abxe=1&dt=1659636334145&lmt=1659636333&dlt=1659636333215&idt=497&adxs=1032&adys=228&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&frm=20&vis=1&psz=416x250&msz=416x250&fws=4&ohw=1600&ga_vid=337887318.1659636334&ga_sid=1659636334&ga_hid=1740547684&ga_fc=true&ga_cid=1104703566.1659636334&cbidsp=CtACCAESDgoHcnViaWNvbhDHASACEg4KCHB1Ym1hdGljEHggAhIMCgVzb3ZybhCeASACEgwKBmNyaXRlbxBqIAIS4AEKCGFwcG5leHVzEIEEGs4BCg80OTFiZDIwMDBlYjQzZmIQkqoCGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0IhJoYl9iaWRkZXJfYXBwbmV4dXMiEGhiX2FkaWRfYXBwbmV4dXMiDmhiX3BiX2FwcG5leHVzIhBoYl9zaXplX2FwcG5leHVzIhJoYl9zb3VyY2VfYXBwbmV4dXMiEmhiX2Zvcm1hdF9hcHBuZXh1cygBOgYIrAIQ-gEgARgCIiQ2NDUxODNjYi04ZDY0LTRiMTUtODdlOS00Yzc3OWJiYzBmYWUqAggDQLgX

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5300009064cd69d17d98d0b9a8316af40ef2448e19bd09315198b3b87b5e6552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10859
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hotair.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 2310ms
2294ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=820430065125164&correlator=1852144792872441&eid=31068457%2C31068630%2C31068742%2C42531606&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=6177%2Cslm.hotair%2Carticles%2C300x250_2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=6&adks=2948352899&didk=2082246079&sfv=1-0-38&fsapi=false&prev_scp=pos%3D300x250_2%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D50f5b1c1657f77c%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D50f5b1c1657f77c%26hb_bidder%3Dappnexus&eri=1&cust_params=postType%3Dfree&sc=1&cookie_enabled=1&abxe=1&dt=1659636334148&lmt=1659636333&dlt=1659636333215&idt=497&adxs=1032&adys=1537&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&frm=20&vis=1&psz=416x250&msz=416x250&fws=4&ohw=1600&ga_vid=337887318.1659636334&ga_sid=1659636334&ga_hid=1740547684&ga_fc=true&ga_cid=1104703566.1659636334&cbidsp=CtACCAESDgoHcnViaWNvbhDHASACEg4KCHB1Ym1hdGljEHggAhIMCgVzb3ZybhCeASACEgwKBmNyaXRlbxBqIAIS4AEKCGFwcG5leHVzEIIEGs4BCg81MGY1YjFjMTY1N2Y3N2MQte0BGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0IhJoYl9iaWRkZXJfYXBwbmV4dXMiEGhiX2FkaWRfYXBwbmV4dXMiDmhiX3BiX2FwcG5leHVzIhBoYl9zaXplX2FwcG5leHVzIhJoYl9zb3VyY2VfYXBwbmV4dXMiEmhiX2Zvcm1hdF9hcHBuZXh1cygBOgYIrAIQ-gEgARgCIiQ4YjRmYTE1OS00MjUyLTQ0ZjEtYmE4ZS0yZWEzOGU4ZTdiMmIqAggDQLgX

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8592d5b5f07e537e10bf7f1823585bf8153d5348df3328ab69753c2ea056eaeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10671
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hotair.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 84 KB
27 KB 994ms
979ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=820430065125164&correlator=1852144792872441&eid=31068457%2C31068630%2C31068742%2C42531606&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=6177%2Cslm.hotair%2Carticles%2C300x250_3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=7&adks=1336607658&didk=2082246076&sfv=1-0-38&fsapi=false&prev_scp=pos%3D300x250_3%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D513a1c33a8ff0b9%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D513a1c33a8ff0b9%26hb_bidder%3Dappnexus&eri=1&cust_params=postType%3Dfree&sc=1&cookie_enabled=1&abxe=1&dt=1659636334151&lmt=1659636333&dlt=1659636333215&idt=497&adxs=1032&adys=2167&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&frm=20&vis=1&psz=416x250&msz=416x250&fws=4&ohw=1600&ga_vid=337887318.1659636334&ga_sid=1659636334&ga_hid=1740547684&ga_fc=true&ga_cid=1104703566.1659636334&cbidsp=CtACCAESDgoHcnViaWNvbhDHASACEg4KCHB1Ym1hdGljEHggAhIMCgVzb3ZybhCeASACEgwKBmNyaXRlbxBqIAIS4AEKCGFwcG5leHVzEIIEGs4BCg81MTNhMWMzM2E4ZmYwYjkQvp0CGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0IhJoYl9iaWRkZXJfYXBwbmV4dXMiEGhiX2FkaWRfYXBwbmV4dXMiDmhiX3BiX2FwcG5leHVzIhBoYl9zaXplX2FwcG5leHVzIhJoYl9zb3VyY2VfYXBwbmV4dXMiEmhiX2Zvcm1hdF9hcHBuZXh1cygBOgYIrAIQ-gEgARgCIiRiNDNmMjE5Zi1iNzk5LTQ0NGQtYTU4Zi1hNmM4NmEyNWM1ZjcqAggDQLgX

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a9cff4d5d07941e2677fc1c9992b18d3d9878e0388d5b78f8da99e7025166909

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL_Dx5HjrfkCFQ-6dwodcIMIlg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10755105540443996160/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CL_Dx5HjrfkCFQ-6dwodcIMIlg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10755105540443996160/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27815
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 04 Aug 2022 18:05:35 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hotair.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 84 KB
27 KB 1314ms
1299ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=820430065125164&correlator=1852144792872441&eid=31068457%2C31068630%2C31068742%2C42531606&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=6177%2Cslm.hotair%2Carticles%2C300x250_sticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=8&adks=1009543764&didk=3190318044&sfv=1-0-38&fsapi=false&prev_scp=pos%3D300x250_sticky%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D52d0c9283ec97a5%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_adid%3D52d0c9283ec97a5%26hb_bidder%3Dappnexus&eri=1&cust_params=postType%3Dfree&sc=1&cookie_enabled=1&abxe=1&dt=1659636334155&lmt=1659636333&dlt=1659636333215&idt=497&adxs=1032&adys=2837&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&frm=20&vis=1&psz=416x250&msz=416x250&fws=516&ohw=1600&ga_vid=337887318.1659636334&ga_sid=1659636334&ga_hid=1740547684&ga_fc=true&ga_cid=1104703566.1659636334&cbidsp=CtACCAESDgoHcnViaWNvbhDHASACEg4KCHB1Ym1hdGljEHggAhIMCgVzb3ZybhCeASACEgwKBmNyaXRlbxBqIAIS4AEKCGFwcG5leHVzEIIEGs4BCg81MmQwYzkyODNlYzk3YTUQtaICGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0IhJoYl9iaWRkZXJfYXBwbmV4dXMiEGhiX2FkaWRfYXBwbmV4dXMiDmhiX3BiX2FwcG5leHVzIhBoYl9zaXplX2FwcG5leHVzIhJoYl9zb3VyY2VfYXBwbmV4dXMiEmhiX2Zvcm1hdF9hcHBuZXh1cygBOgYIrAIQ-gEgARgCIiQ3NDE4NWQxMy1lYzE1LTQ0NDYtOTczMC1lYjBkN2NkZmFkYzkqAggDQLgX

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5f8f8ad8c014a4c9d7a300fa08f98cdd0174215916cd8f0e751193dd59d72ead

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CICg2ZHjrfkCFdKFdwodrQkJxg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10755105540443996160/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10755105540443996160/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CICg2ZHjrfkCFdKFdwodrQkJxg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10755105540443996160/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27828
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 04 Aug 2022 18:05:35 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hotair.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
63a97030d4209d9e379e7236e88f577e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DD22 6 KB
4 KB 64ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63a97030d4209d9e379e7236e88f577e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hotair.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 18:05:34 GMT
expires: Fri, 04 Aug 2023 18:05:34 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
33ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=337887318.1659636334&jid=91085952&_u=aEDAAUABAAAAAC~&z=1723078337

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 71ms
32ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44331619-1&cid=337887318.1659636334&jid=91085952&_u=aEDAAUABAAAAAC~&z=1723078337

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame E776 46 B
634 B 56ms
13ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: a4b803dad122ce8d1927c884c376e4462c693a189588f108cf9d0997a5e84158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
last-modified: Fri, 04 Feb 2022 18:05:34 GMT
server: Jetty(9.4.28.v20200408)
etag: 39k9fx1cetleaaf8v5hbse9j8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 46
expires: Fri, 04 Aug 2023 18:05:34 GMT

GET
H3 200 bridge3.523.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2B16 635 KB
205 KB 42ms
13ms Document
text/html 2a00:1450:400e:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.523.0_en.html

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48b91239ab4f86f3916f4819e5711962a6e3a0e70d1542988763cdd261a86a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hotair.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 181782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210018
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 15:35:52 GMT
expires: Wed, 02 Aug 2023 15:35:52 GMT
last-modified: Tue, 02 Aug 2022 15:32:39 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 68ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 Aug 2022 18:05:34 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 7ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zuk7wta&ht=tk&f=139.140.173.174.175.176.25136.25137.6812.6813.6814.6815.6816.6817.6818.6819&a=2710389&app=typekit&e=css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 Brooke-Jenkins-2-1110x740.jpg
hotair.com/wp-content/uploads/2022/08/ 115 KB
115 KB 16ms
15ms Image
image/jpeg 2606:4700::6812:1d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hotair.com/wp-content/uploads/2022/08/Brooke-Jenkins-2-1110x740.jpg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1d31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bbddd7f681c1f81a9f69afa4426fabc48b8b2dccc2e9ce753d5dd1cfe3674f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
cf-cache-status: HIT
age: 415
cf-polished: origSize=118087, status=webp_bigger
x-img: tmbor2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117521
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "360c4c3b8e0b4996651e0b2370139240c8b820a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=691200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 735938d10e53bb7a-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Fri, 12 Aug 2022 18:05:34 GMT

GET
H3 200 sanders-ira-1110x740.jpg
hotair.com/wp-content/uploads/2022/08/ 62 KB
63 KB 24ms
23ms Image
image/jpeg 2606:4700::6812:1d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hotair.com/wp-content/uploads/2022/08/sanders-ira-1110x740.jpg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1d31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7add317573d8a34c8595dad256eb9066cf9bad14d3e59a69001420498bb93b37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
cf-cache-status: HIT
age: 37
cf-polished: origSize=65056, status=webp_bigger
x-img: tmbor2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63915
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6a7a377e8da46528cdaaf06f03781b3f62995892"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=691200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 735938d10e55bb7a-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Fri, 12 Aug 2022 18:05:34 GMT

GET
H2 200 f499381d-2ce9-4aa2-8397-bee4a7c7440d-1110x740.jpg
media.townhall.com/townhall/reu/o/2018/215/ 95 KB
95 KB 9ms
9ms Image
image/jpeg 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.townhall.com/townhall/reu/o/2018/215/f499381d-2ce9-4aa2-8397-bee4a7c7440d-1110x740.jpg
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: nginx /
Resource Hash: 316efcf03e4c5da3912fd9e29f20a00e15209e8d05a9b73f54019a19c907b16f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
server: nginx
x-img: thmbor3
etag: "98e6d88a6e3c8fe32a327d047a657bf68aa977dc"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
content-length: 97049
accept-ranges: bytes
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-tag: img
x-hw: 1659636334.dop054.fr8.t,1659636334.cds154.fr8.hn,1659636334.cds010.fr8.c

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame E776 43 B
467 B 48ms
18ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.6.0&typ=pgv&rnd=l6fcmese6vcdfbd3&sid=1138588360591687579&loc=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&new=1&arf=0&ltm=1659636333998&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l6fcmf2olf2f0fj6&ckp=l6fcmese5vzcjpdp&glb=&cp_userState=anon&cst=39k9fx1cetleaaf8v5hbse9j8
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 117 B
688 B 52ms
15ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l6fcmese5vzcjpdp%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2239k9fx1cetleaaf8v5hbse9j8%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2239k9fx1cetleaaf8v5hbse9j8%22%7D%5D%2C%22siteId%22%3A%221138588360591687579%22%2C%22location%22%3A%22https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6%22%7D&callback=cXJsonpCBl6fcmf8zq49qjpbp

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

30b2df4b84281b9ddaa9c787fb6786dc27cd00e713f604386b41ff93df0e1a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:34 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 117
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK data Show response
api.cxense.com/public/widget/ 9 KB
5 KB 23ms
23ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/public/widget/data?json=%7B%22context%22%3A%7B%22referrer%22%3A%22%22%2C%22categories%22%3A%7B%22testgroup%22%3A%2293%22%7D%2C%22parameters%22%3A%5B%7B%22key%22%3A%22userState%22%2C%22value%22%3A%22anon%22%7D%2C%7B%22key%22%3A%22testgroup%22%2C%22value%22%3A%2293%22%7D%5D%2C%22autoRefresh%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6%22%7D%2C%22widgetId%22%3A%2293f40527264e3a734d9283a56310884fd9e29811%22%2C%22user%22%3A%7B%22ids%22%3A%7B%22usi%22%3A%22l6fcmese5vzcjpdp%22%7D%7D%2C%22prnd%22%3A%22l6fcmese6vcdfbd3%22%7D&media=javascript&sid=1138588360591687579&widgetId=93f40527264e3a734d9283a56310884fd9e29811&resizeToContentSize=true&useSecureUrls=true&usi=l6fcmese5vzcjpdp&rnd=644161926&prnd=l6fcmese6vcdfbd3&tzo=0&callback=cXJsonpCBl6fcmf93t5s8pxvx

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

f1ca4c2bf7af7dcbf530ac07c955973065f58a20e6f7980ec0a860a9075dd561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 4344
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rev2.min.css
cdn.revcontent.com/build/css/ 83 KB
23 KB 51ms
13ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/css/rev2.min.css?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86
Requested by: Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 16:01:51 GMT
etag: "1659456111"
x-hw: 1659636334.cds132.fr8.hn,1659636334.cds286.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=9
accept-ranges: bytes
content-length: 23124

GET
H2 200 rev2.min.js Show response
cdn.revcontent.com/build/js/ 280 KB
84 KB 53ms
16ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0
Requested by: Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
last-modified: Tue, 02 Aug 2022 16:01:51 GMT
etag: "1659456111"
x-hw: 1659636334.cds132.fr8.hn,1659636334.cds267.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=75819
accept-ranges: bytes
content-length: 85555

GET
H2 200 /
img.revcontent.com/ 1 KB
1 KB 36ms
9ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
last-modified: Thu, 02 Jun 2022 15:22:42 GMT
etag: "1654183362"
x-hw: 1659636334.cds122.fr8.hn,1659636334.cds260.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1351

GET
H2 200 786efd98e782caeef7e0267153a41307.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 20 KB
21 KB 42ms
11ms Image
image/webp 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/786efd98e782caeef7e0267153a41307.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

c6d69c7a48ae8edf4aee8b1764b67d75fedc77768e5b8826e8f4a3b014fc83f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="786efd98e782caeef7e0267153a41307.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-01-06T08:12:07.499Z;desc=hit,rtt;dur=0
content-length: 20624
last-modified: Wed, 30 Dec 2020 17:31:26 GMT
server: Cloudinary
etag: "5e40a84dc65715114a63abf89fe49d0e"
vary: Accept
x-hw: 1659636334.cds280.fr8.hn,1659636334.cds004.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6179e9cb646af8-66310518.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 16 KB
16 KB 44ms
14ms Image
image/webp 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/6179e9cb646af8-66310518.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2ed4574beb4161dc3e0d7fe8d8b516e07adef92f62c594b676c0b7436fd1246c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="6179e9cb646af8-66310518.webp"
server-timing: fastly;dur=728;cpu=0;start=2021-12-02T06:04:34.490Z;desc=miss,rtt;dur=0,cloudinary;dur=245;start=2021-12-02T06:04:34.827Z,cld-id;desc=f60f5b302a3d4a82b8df92517def2140
content-length: 16218
x-request-id: f60f5b302a3d4a82b8df92517def2140
last-modified: Thu, 02 Dec 2021 06:03:34 GMT
server: Cloudinary
etag: "09e5075d7df4889318bb6ae114b6584a"
vary: Accept
x-hw: 1659636334.cds280.fr8.hn,1659636334.cds131.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6165112b01c716-44110292.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 15 KB
15 KB 48ms
18ms Image
image/webp 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/6165112b01c716-44110292.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

57f5f4f10b37d44d032c674a5a0a6dd93c318570c5dc32b5180aec05cf7764e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="6165112b01c716-44110292.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-07-31T16:33:06.422Z;desc=hit,rtt;dur=0
content-length: 14938
last-modified: Tue, 30 Nov 2021 09:07:57 GMT
server: Cloudinary
etag: "22bfd72b21cc7b9a97ce5953ef22edd3"
vary: Accept
x-hw: 1659636334.cds280.fr8.hn,1659636334.cds216.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 616d5ff918c7a0-85814742.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 10 KB
11 KB 48ms
18ms Image
image/webp 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/616d5ff918c7a0-85814742.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4d608e2092f76a036b777648912e154018e26f2672616ceb6250f25e8e469395

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="616d5ff918c7a0-85814742.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-12-01T07:03:22.012Z;desc=hit,rtt;dur=0
content-length: 10742
x-request-id: e4f03fe8a884e97ef8699fb4bc5657fe
last-modified: Wed, 01 Dec 2021 06:33:36 GMT
server: Cloudinary
etag: "b1c681e5c46e39fb9ee2ca110c6aa4b6"
vary: Accept
x-hw: 1659636334.cds280.fr8.hn,1659636334.cds052.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 625ec64f4a4489-11659043.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 5 KB
5 KB 50ms
21ms Image
image/webp 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/625ec64f4a4489-11659043.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

69bd206cc2548b24a784eb6de6d332515be12247e003860bfb79a694716da0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="625ec64f4a4489-11659043.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-07-15T01:50:57.325Z;desc=hit,rtt;dur=0
content-length: 5316
last-modified: Tue, 19 Apr 2022 17:58:48 GMT
server: Cloudinary
etag: "3b9d7c7f218c28eedc72323939255804"
vary: Accept
x-hw: 1659636334.cds280.fr8.hn,1659636334.cds209.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 620a94ce54e5a4-89007525.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 12 KB
12 KB 51ms
22ms Image
image/webp 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/620a94ce54e5a4-89007525.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

11301d8af67782a3430019b5c1d11f37513bdd8561fa6515c2f9f64a1ac2e47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="620a94ce54e5a4-89007525.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-07-19T14:23:42.414Z;desc=hit,rtt;dur=0
content-length: 12302
last-modified: Wed, 16 Feb 2022 02:37:56 GMT
server: Cloudinary
etag: "51b0f93c105514e6e4a8c141f9060402"
vary: Accept
x-hw: 1659636334.cds280.fr8.hn,1659636334.cds013.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 l
use.typekit.net/af/acb0f1/0000000000000000000151d7/27/ 58 KB
58 KB 7ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/acb0f1/0000000000000000000151d7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zuk7wta.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 740aa8a2629c6410fcd0db8bd2716fb8f368a3af86d6a3cb4581c4a97de740e4

Request headers

Referer: https://use.typekit.net/zuk7wta.css
Origin: https://hotair.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
server: nginx
etag: "99f2aada661f7fde272af5ac5834ab55c8683148"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 58992

GET
H2 200 logAutoMicroConversion Show response
api-v3.tinypass.com/api/v3/conversion/ 47 B
476 B 179ms
170ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-v3.tinypass.com/api/v3/conversion/logAutoMicroConversion?tracking_id=%7Bkpdx%7DAAAAvgkLm8_zagoKT255Wk1rOHJpaRIQbDZmY21lc2U2dmNkZmJkMxoMRVhJTzNSVEk4WU9GIiUxODA1NzhvMGRjLTAwMDAzMGphMTJ1cGNqb24xOGFtdW9yNzAwKiBzaG93UmVjb21tZW5kYXRpb25zSjRMNTNVSDBGUjJNOVISdi1rAPAvaDZ0YmkyaXg1WiQyYTAyOjZlYTA6YzcxYjowOjEwMTI6YWZiYjpiMDhmOmU1MjdiA2R3Y2jtt7WXBnABeBg&event_type=EXTERNAL_EVENT&event_group_id=init&custom_params=%7B%22source%22%3A%22CX%22%7D&callback=jsonp57

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e7e19a70c8beff3f77f918c195d8590b8ca09d079289bb1ada5107f16afc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 735938d1f9369171-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47
x-request-id: a2b20d2c9a91191bbd9e676e3bbf5961
expires: 0

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
192 B 106ms
48ms XHR
text/html 63.35.106.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.106.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-106-166.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://hotair.com
date: Thu, 04 Aug 2022 18:05:34 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 22ms
21ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

dee22b1be00603b29523430dc6eeec750ad03a0b90d59484fe07cfaca5c9dad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10427
x-xss-protection: 0

POST
H3 200 rum Show response
hotair.com/cdn-cgi/ 0
162 B 18ms
10ms XHR
text/plain 2606:4700::6812:1d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hotair.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://hotair.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 735938d32acfbb7a-FRA
vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 270ms
29ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:05:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 18:05:34 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207221643000/ 220 KB
61 KB 222ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 265649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61462
x-xss-protection: 0
server: sffe
date: Mon, 01 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "006401e583f0e23c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Aug 2023 16:18:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 14 KB
5 KB 232ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 265649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Mon, 01 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Aug 2023 16:18:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 94 KB
28 KB 233ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 265649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Mon, 01 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Aug 2023 16:18:05 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 5 KB
2 KB 236ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 265649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 01 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Aug 2023 16:18:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 40 KB
13 KB 236ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs

Requested by

Host: d60r6iww29z6r.cloudfront.net
URL: https://d60r6iww29z6r.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 265649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Mon, 01 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Aug 2023 16:18:05 GMT

GET
DATA 200
OK truncated
/ 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ffa0b04f6ad040e2ceb51d89d555cb6251b0664a6a2cdb6370a8dde49ddee21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7152784960378331391
tpc.googlesyndication.com/daca_images/simgad/ 92 KB
92 KB 220ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7152784960378331391

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c1780d0c8b3ea67c51c3374327be72019ca0f736e3600d81e0f4e41c31b6e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 09:17:39 GMT
x-content-type-options: nosniff
age: 31675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93715
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 09:07:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Aug 2023 09:17:39 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ 2 KB
3 KB 218ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 09:48:35 GMT
x-content-type-options: nosniff
server: cafe
age: 29819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 05 Aug 2022 09:48:35 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
399 B 219ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 09:55:02 GMT
x-content-type-options: nosniff
server: cafe
age: 29432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 05 Aug 2022 09:55:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 16ms
15ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuV-TrZiknXVQGbmmNIrJ5-h4hQAHdYppymWqIf77mSdab_WyQPplJne4_Mzl69ebyoo9mlVIydxYUv57nHdWJXcvGsA
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 52ms
52ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVfsabgrsYpm-DY3O3gPmhYzwDZa0if1qodWLg9AQ2tkeEAEg0e2gF2CVgoCAwAegAYbvq5UCyAEC4AIAqAMByAMIqgTXAk_QAC-W5w14JcgUnVbEQYeoSU0g2-CCD65t1THC24-SoPyUChoeyrxp-bV_mDj4qR8eyXW1b29ebOApcTBBDwoWp6wTfAT9OXDDVNxHAxGpWsTwLIH4ARdnJb0084mPbpPc4NNo_qeFxNrM-p1SXZhAnyuWjLjgf17bSK5SeN10ccYmZq2-cR8MOGGsMtPkweD7ldEgcMW3ZYQLZERwPh0MylBPRVM-oawUPp7nJshatezVx7T6tZvp8XDK9doZ4_UgfDmZSU2M10jw9iJElTK5jaYv_1EzTJ-d1Ku1Rq8W0dZQBzhe7gskOXHF09onMRQPrtUm_RU8nzpDlGaw5bOeamUKw0Ptl9sYDHX5_OvpTqG2wysxmUcvTVcA-8qpSx2B4oZ6IHWQIXztYuZ9dTgK6IJfYHXjDd3S59yqhl_9SXHxrCrwFfRjAv9WleQMoryz94Y_tWXABJ-G2dzaA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfikNTqAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENXUCtIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNTIyMzc3MTQ0MzY1NDgyGK3SFQ&sigh=U9e40LHnjGk&uach_m=[UACH]
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

56ms
33ms

Image
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: hotair.com
URL: https://hotair.com//jazz-shaw/2022/08/04/the-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358?utm_source=hadaily&utm_medium=email&utm_campaign=nl&bcid=9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6
Protocol: H2
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

date: Thu, 04 Aug 2022 18:05:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 64ms
17ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhotair.com%2F&domain=hotair.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://hotair.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://hotair.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 04 Aug 2022 18:05:34 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1192
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhotair.com%2F&domain=hotair.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=fyD5w3w1Y3cvMWZGQ3UwM0FOV2k2a3VGR2FraEVLYWpyOW1HWGd4RHExLzFCSkJyTG9hOVdJUkMyL2tEc1B2T1R2RS9ZbXNVRi9waksxdndKQUJtMDVOeEZCaGRVaFR0bzFxMkFKODVvbHJGbDlTV3I1ejFxMFZlR3Jad2...

347 B
615 B

42ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=fyD5w3w1Y3cvMWZGQ3UwM0FOV2k2a3VGR2FraEVLYWpyOW1HWGd4RHExLzFCSkJyTG9hOVdJUkMyL2tEc1B2T1R2RS9ZbXNVRi9waksxdndKQUJtMDVOeEZCaGRVaFR0bzFxMkFKODVvbHJGbDlTV3I1ejFxMFZlR3Jad2tOaG1hU2VsVE5zZVI3OHN3K2RkRkRSRUZYRjF2dXZPUWNyWkJIeWxTQXBLVzVWL2p2amFyZTNHT1dJQ3E5N2gvTzVrZDREQ01jdWJwMWlCOWQ5eEswb2pIbWVlTGJRejJzb2pPbVBPTngwaHFsaW9EOWdrPXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

688bdd21cba3009175bec69bb28ae5780c04e1da1060cb480640475367516032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:35 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2886
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:35 GMT
location: https://mug.criteo.com/sid?cpp=fyD5w3w1Y3cvMWZGQ3UwM0FOV2k2a3VGR2FraEVLYWpyOW1HWGd4RHExLzFCSkJyTG9hOVdJUkMyL2tEc1B2T1R2RS9ZbXNVRi9waksxdndKQUJtMDVOeEZCaGRVaFR0bzFxMkFKODVvbHJGbDlTV3I1ejFxMFZlR3Jad2tOaG1hU2VsVE5zZVI3OHN3K2RkRkRSRUZYRjF2dXZPUWNyWkJIeWxTQXBLVzVWL2p2amFyZTNHT1dJQ3E5N2gvTzVrZDREQ01jdWJwMWlCOWQ5eEswb2pIbWVlTGJRejJzb2pPbVBPTngwaHFsaW9EOWdrPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hotair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1688
content-length: 482
expires: 0

POST
H/1.1 200 949.json Show response
id5-sync.com/g/v2/ 213 B
617 B 10ms
9ms XHR
application/json 141.95.98.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/949.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156799/2939/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.70 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216620.ip-141-95-98.eu

Software

Resource Hash

bafdd5469ddb66debc4d9fab2e432113d5d47962d7401198f2cd0ce2d4edc6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hotair.com
date: Thu, 04 Aug 2022 18:05:34 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
332 B 135ms
61ms XHR
application/json 54.220.48.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156799/2939/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b642e4729ecadb18d7c24fe4c65fcf312d8fa448d4b70fe8e19f15ff038bbca7

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:35 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://hotair.com
cache-control: no-cache
x-server: 10.45.10.0
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
386 B 102ms
30ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156799/2939/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e0b76b010131b308b91644e4bc008adc04f32081bacf0e3b6297869948f6f465

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Aug 2022 18:05:35 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hotair.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 03 Sep 2022 18:05:35 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
249 B 83ms
33ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=13248
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156799/2939/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Aug 2022 18:05:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://hotair.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET ats.js
ats.rlcdn.com/ 0
0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 48ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 04 Aug 2022 18:05:35 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1191
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 44ms
44ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscZxBRY-mldqHPHxRC4WqAupQsydL2LiLAZEvZs_zsgAh49SAZRixaMQzDk5uuFEgFV7v5hcewtX5j_VKzWYzhBbEcL_Npavq023xTcX-RKudpgm5a9NvKYLWzODjTkKB9LgHcw4cUTGylgQ&sai=AMfl-YQxQhtZ5o5w333GU3eb2vTCoNIaw2COvhr_sVdesPua6hCWzGsvOoOZlXjivYdGl92FiFzmNGgXZ-muW9MTN_88H2czc0POjENXRTNy0C5KThUgs99PPCXq_gfegbR3&sig=Cg0ArKJSzC3vZC2LQumGEAE&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=2878&tls=3878&g=100&h=100&tt=3878&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1791733259

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
auth.hotair.com/ 0
270 B 80ms
27ms XHR
text/plain 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.hotair.com/?maxAge=2628000

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://hotair.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 Aug 2022 18:05:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: https://hotair.com
access-control-allow-credentials: true
strict-transport-security: max-age=86400; includeSubDomains
cf-ray: 735938dfad979164-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET publishertag.prebid.js
static.criteo.net/js/ld/ 0
0

GET sdk.js
api-esp.piano.io/public/sdk/v04/ 0
0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 35ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VJM6PCZB0L&gtm=2oe830&_p=1740547684&_z=ccd.v9B&cid=337887318.1659636334&ul=en-us&sr=1600x1200&_eu=AC&_s=2&sid=1659636333&sct=1&seg=0&dl=https%3A%2F%2Fhotair.com%2F%2Fjazz-shaw%2F2022%2F08%2F04%2Fthe-irs-has-5-million-rounds-of-ammo-for-some-reason-n487358%3Futm_source%3Dhadaily%26utm_medium%3Demail%26utm_campaign%3Dnl%26bcid%3D9262b43ed2dfe90f7fb3e8e91a0b30206efdaa91619c2b0316511cf17faf75a6&dt=The%20IRS%20has%205%20million%20rounds%20of%20ammo%20for%20some%20reason%20%E2%80%93%20HotAir&en=View&ep.event_category=Embed&ep.event_label=v16pao9&_et=416
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJM6PCZB0L&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hotair.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 18:05:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hotair.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js

Domain: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Domain: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
click1.hotairemail.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: F5551E83624FE456722707C2C0C409E1
.hotair.com/	1970-01-20 05:00:38	Name: __cf_bm Value: rA.lbI6DdMFxRto_T6.0ZQtXy5yFtdFAt680sigm2rk-1659636333-0-AV2+tMq+5TWwVJ1Oiv1Ql7FccMazlXwuXDEl3oLzLTUOg7nvd6sLqR5/jb5IWFAVsGKoGRmLnFqX1j/d0EwbZZ0=
.townhall.com/	1970-01-20 05:00:38	Name: __cf_bm Value: V.2iIaucPBT.CcylJDmYtjHFareMYba9Mk65a9o22js-1659636333-0-AXQ6mkolZK1dIFlE4Zorwd6b6gxlLUwnhTqbFVHVvneoATuJFchQTNC/Cu9uq+5KBGJH6snUYM/hR7Y1SP82eFg=
.twitchy.com/	1970-01-20 05:00:38	Name: __cf_bm Value: HqHXsqEhHCJPnGw4hpwiqDuMBRqDgLOIJE25K8jKghE-1659636333-0-AQBsIDFicqPeJsDlO5mLijS3zgFKJY61cAO5qGwZs+NDSCb3HEHlMcBmIaa1+Ee2JOtSxWbV3iHx3qC8Zv+ySdY=
.pjmedia.com/	1970-01-20 05:00:38	Name: __cf_bm Value: RfVQI93__GPWSFNkXayWHvWF.UzXZOI5ft_WZLtWAeU-1659636333-0-Aatle9NUawX6oojsfHsAb95dHKA9gNEaD2Q5U96EgUluNA11NOHiyT4yEIsV6GA7L5DM63amcHyCR1O3z8++TU8=
.hotair.com/	1970-01-20 14:29:24	Name: _cb Value: C_bCH8bfzZb-WHen
.hotair.com/	1970-01-20 14:29:24	Name: _chartbeat2 Value: .1659636333465.1659636333465.1.2PXWq7EO9NBDkQeBBD5Z_oBLusmB.1
.hotair.com/	1970-01-20 05:00:38	Name: _cb_svref Value: null
hotair.com/	1970-01-20 05:43:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.hotair.com/	1970-01-20 09:19:48	Name: _pubcid Value: 5836fa49-00ee-4076-a67a-9f4f93c7689f
.hotair.com/	1970-01-20 05:02:02	Name: _gid Value: GA1.2.1104703566.1659636334
.hotair.com/	1970-01-20 05:00:36	Name: _gat_gtag_UA_2595430_1 Value: 1
hotair.com/	1970-01-20 05:00:36	Name: __adblocker Value: false
hotair.com/	1970-01-20 05:02:02	Name: _lr_geo_location Value: DE
hotair.com/	1970-01-20 05:10:41	Name: AMZN-NoCookieConsent Value: 1
.rubiconproject.com/	1970-01-20 13:46:12	Name: khaos Value: L6FCMERX-17-ETIX
.rubiconproject.com/	1970-01-20 13:46:12	Name: audit Value: 1\|hLZGFuTafB1d+gL9q1+k8Xjc0/aJelRdbjRFtGIHH0vqan9zV6B01Cl7Tn9LRum1ddeVs2qr/irggJ3pD4CYmxhM6ULGpaWo3OlDu/ORdD8=
.adnxs.com/	1970-01-20 07:10:12	Name: icu Value: ChgI8egyEAoYASABKAEw7ZSwlwY4AUABSAEQ7ZSwlwYYAA..
.adnxs.com/	1970-01-20 07:10:12	Name: uuid2 Value: 4553039875949498880
.tinypass.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: A3B70CA6399B62D7CA9028DE74596DA1
id.tinypass.com/	1970-01-20 05:00:36	Name: AWSELBCORS Value: D54D83371CA73269B30D9CD8F7A2329AB776287862274343263B441C07542FF48E5D6C7E0653D7B28791512166FEA59617900A2E8D40AB6DC620626464194842120C6E4AB1
hotair.com/	1970-01-20 07:10:12	Name: __pnahc Value: 0
.piano.io/	1970-01-20 05:00:38	Name: __cf_bm Value: 99X5_7gesEIYrwzEuvrRbAEkJF09IfvW4qxWt1YdtkA-1659636334-0-ATlhL6RXNwOaQemwL43Law33O1afc4uxhuXB93Q49HmnGtea0ALTmEcVyLPWCR7xKgCJdya/m+VIK+BN0hSdg/U=
.hotair.com/	1970-01-20 14:36:36	Name: __tbc Value: %7Bkpex%7DWPvN8Bkz3xvNT8nCojXjOcosn7x9-8YFeYn52DUH0OwPYneVVreOI78qh3dnNuy8
.hotair.com/	1970-01-20 05:43:48	Name: __pat Value: -14400000
.hotair.com/	1970-01-20 05:02:02	Name: __pvi Value: %7B%22id%22%3A%22v-l6fcmesh6tbi2ix5%22%2C%22domain%22%3A%22.hotair.com%22%2C%22time%22%3A1659636334029%7D
.hotair.com/	1970-01-20 14:36:36	Name: _pctx Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsBsAZgMYC2MAzjPgG7HqEBG6AzCADQiMBOA9slW4ZseImUowArDQBexAFZh0YDiACugitgB2a3Lk4aY3AMoAXCGY0iI23ttUUEZmMJwBGdywAck795Z8AAZJAE53fG8Adkko0JAAXyA
.hotair.com/	1970-01-20 14:36:36	Name: xbc Value: %7Bkpex%7DgTRoruY7JWNyT5dmMN89bYK-Ub87doPEyqfhzXZylMFg6Prc1kOHTLY-4tX-gHQqshDAyXMvSz-npHFrFXDkyToL4q6A3Nvl5b-IUb4s8f5S6q8An8ojREDAEZwq66X-WoqwoaBKK69CpqyQUr_Id7BiUHwW09aETayvoa0Q8fUD1djzjwb7-P7bI3tF4A0CWJabI3xAJ_DBEobwaBlsOg
.hotair.com/	1969-12-31 23:59:59	Name: cX_S Value: l6fcmf2olf2f0fj6
.hotair.com/	1970-01-20 14:36:36	Name: _ga Value: GA1.2.337887318.1659636334
.hotair.com/	1970-01-20 05:00:36	Name: _gat_rumble Value: 1
.hotair.com/	1970-01-20 14:36:36	Name: _ga_VJM6PCZB0L Value: GS1.1.1659636333.1.0.1659636334.0
.hotair.com/	1970-01-20 13:46:12	Name: cX_P Value: l6fcmese5vzcjpdp
.cxense.com/	1970-01-20 13:46:12	Name: gckp Value: gpfu4tysqtxy3rv7kzq8h2mc2
.hotair.com/	1970-01-20 13:46:12	Name: cX_G Value: cx%3Ajbpiwkhgl9wj2dhqlz5wnqhpw%3A3pwmybustor2g
.doubleclick.net/	1970-01-20 14:22:12	Name: IDE Value: AHWqTUkTqwSN_Uz3zcj6OxtQirUIuAVYdZVoLt8p8hxucAgbUq4SFyaQxT1OcLmFDgQ
.doubleclick.net/	1970-01-20 05:00:39	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 05:00:37	Name: test_cookie Value: CheckForPermission
hotair.com/	1970-01-20 05:00:39	Name: _lr_retry_request Value: true
hotair.com/	1970-01-20 05:43:48	Name: _lr_env_src_ats Value: false
hotair.com/	1970-01-20 06:27:00	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-04T18%3A05%3A35%22%7D
.hotair.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1659722735633
.hotair.com/	1970-01-20 14:22:12	Name: cto_bundle Value: 95JexV9JZWt6JTJGZVZhenlNSkpDUDdvSVZuanZIQXVGQUtCOExKeEdNRTM5RzNHVjJxaSUyQkhRQmo2UTgyJTJCUFZzSEZRdWkxdTdrJTJGc3hLUWVreUQ3b0NEMktEaUJJdXplYUo3aXVwRzFjVTlXczNoRUxHVTY1Wkx3NEF4MWxObDEyNURWJTJGcTc
.hotair.com/	1970-01-20 14:22:12	Name: cto_bidid Value: opKNC19zcEtSaVFBUHpxSFYxMlpxcUNsSmlRbENMQjhBUVVQQkI4M25qejFkQUdQVnRIc0NOWEN6VGtpSlU0ZmU2dFpDQXBhWFVCcyUyQkNtZ0xLVFdmU242dUN3JTNEJTNE
.hotair.com/	1970-01-20 14:22:12	Name: __gads Value: ID=49a958fea1f298b2-22ad8ff3e6cd005c:T=1659636334:S=ALNI_MZkf4GfVxqlQ8INtu5Rkp7QUbdo4A

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://d60r6iww29z6r.cloudfront.net/ Message: Refused to frame 'https://tpc.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d60r6iww29z6r.cloudfront.net/ Message: Refused to frame 'https://www.google.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 34) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://tpc.googlesyndication.com') does not match the recipient window's origin ('null').
security	error	URL: https://d60r6iww29z6r.cloudfront.net/script.js Message: Refused to load the script 'https://ats.rlcdn.com/ats.js' because it violates the following Content Security Policy directive: "script-src 'nonce-bTZuN3Y4M3gy' https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13248 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://d60r6iww29z6r.cloudfront.net/script.js Message: Refused to load the script 'https://static.criteo.net/js/ld/publishertag.prebid.js' because it violates the following Content Security Policy directive: "script-src 'nonce-bTZuN3Y4M3gy' https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://d60r6iww29z6r.cloudfront.net/script.js Message: Refused to load the script 'https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx' because it violates the following Content Security Policy directive: "script-src 'nonce-bTZuN3Y4M3gy' https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://d60r6iww29z6r.cloudfront.net/ Message: Refused to frame 'https://acdn.adnxs.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d60r6iww29z6r.cloudfront.net/ Message: Refused to frame 'https://eus.rubiconproject.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d60r6iww29z6r.cloudfront.net/ Message: Refused to frame 'https://ap.lijit.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://d60r6iww29z6r.cloudfront.net/ Message: Refused to frame 'https://ads.pubmatic.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

63a97030d4209d9e379e7236e88f577e.safeframe.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
api-esp.piano.io
api-v3.tinypass.com
api.cxense.com
api.rlcdn.com
ats.rlcdn.com
auth.hotair.com
bidder.criteo.com
buy.tinypass.com
c.amazon-adsystem.com
c2.piano.io
cdn.ampproject.org
cdn.cxense.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.revcontent.com
cdn.tinypass.com
cdn.townhall.com
click1.hotairemail.com
comcluster.cxense.com
d60r6iww29z6r.cloudfront.net
experience.tinypass.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hotair.com
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id.cxense.com
id.tinypass.com
id5-sync.com
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
lb.eu-1-id5-sync.com
match.adsrvr.org
media.townhall.com
mug.criteo.com
p.typekit.net
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
pjmedia.com
region1.google-analytics.com
rumble.com
s0.2mdn.net
securepubads.g.doubleclick.net
sp.rmbl.ws
static.chartbeat.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
tk.amazon-adsystem.com
townhall.com
tpc.googlesyndication.com
trends.revcontent.com
twitchy.com
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
api-esp.piano.io
ats.rlcdn.com
static.criteo.net
141.95.98.70
142.250.181.226
143.204.215.111
147.75.83.64
147.75.85.120
151.139.128.11
162.19.138.82
172.98.57.101
178.250.2.131
178.250.2.146
18.200.116.66
185.64.189.112
185.89.210.141
2001:4860:4802:34::36
205.185.216.10
205.185.216.42
216.52.2.19
23.35.236.201
2600:9000:2057:6200:18:1fcd:351:7bc1
2600:9000:2057:fa00:4:b8d7:18c0:21
2602:803:c004:200::143
2606:4700:10::6816:3456
2606:4700:3030::6815:5476
2606:4700:440e::ac40:9c1a
2606:4700::6810:f015
2606:4700::6811:b6b1
2606:4700::6811:b9b1
2606:4700::6812:132b
2606:4700::6812:1d31
2606:4700::6812:8ef
2606:4700::6812:d25
2a00:1450:4001:803::2004
2a00:1450:4001:806::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2006
2a00:1450:400c:c0b::9a
2a00:1450:400e:80d::200a
2a02:2638::1c
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:14a0
2a02:26f0:6c00:2bf::268b
2a04:4e42::485
34.120.133.55
34.95.69.49
52.223.40.198
52.72.58.170
54.220.48.180
63.35.106.166
65.9.71.118
74.214.203.11
99.86.4.6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
086bf13b26a154d573770a63f2a136d917d58d10a066bc26eef71f5ab597cd0b
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
0c1780d0c8b3ea67c51c3374327be72019ca0f736e3600d81e0f4e41c31b6e29
0fe9a85e105dbef3b820a0218cef3ad256ee7e85e10e948397240aa947c9a066
11301d8af67782a3430019b5c1d11f37513bdd8561fa6515c2f9f64a1ac2e47b
120ae5c5baea88cee37fc679c53a6839a09e464168ca7583908facbbacb96d88
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
1ddd43c554ea3a1361dd9ae2fa3554d105644c70f4a9c5ce42a64ecfa7be1e0c
2437e08626b53d5e480929b98e0781fc609d077cc5dc710534e128d7016ea7b9
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29a4270e5283199ada52b5958457405e3fd1ee70b4ff5a844abfe16fe889c998
2a26b23b60bf6d059c32bf52320ad44aa86bbfbd2620cf8f201e5abedb7af27d
2ad1a3ce85195c70b579486b5b5b7721a42a5613b35e4a96e68a2d95bced9a3a
2c7c167e8b508ff6db909ad574209b8659a5a203fcc1fd8ff6e299e1e141c7a4
2d372e05edbda96f8861de0a8af67c408abfc10e3d198d0e464a2bd3d6f1f78c
2d677cb7745ced99f8b374bd5ac193ed88e8e7970acfec4cd7b176030a99cb1d
2dacfb720cbf827b9972351d40843eb584345dcc406e3eb3c21054ba4aecace3
2ed4574beb4161dc3e0d7fe8d8b516e07adef92f62c594b676c0b7436fd1246c
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
30b2df4b84281b9ddaa9c787fb6786dc27cd00e713f604386b41ff93df0e1a32
316efcf03e4c5da3912fd9e29f20a00e15209e8d05a9b73f54019a19c907b16f
31c3edd8584a00741847ee769f32d5bc8f48293cfd60b33314ac5297818eacb0
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36b3a9329f9cac3bcf2923866e0441b90ea2b65c6b477bee86ecc31c8464674a
44d961f1ee0f411bb3cc1fcc720ae31db2b0c5562e0d5394cf786b4033ba040d
4578a7e1f8c031503fc06d3d9e234f0925d5c47fc11f364468eff2e543858295
464de9edffd979e97057c493e5686a4a48999fb29d88ca23b2b393b8d8612b71
48b91239ab4f86f3916f4819e5711962a6e3a0e70d1542988763cdd261a86a02
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4d608e2092f76a036b777648912e154018e26f2672616ceb6250f25e8e469395
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8578ca9067ea23a6b402c2f3db9acdc70d42c344b24414a68a8f80bda60be8
4ffa0b04f6ad040e2ceb51d89d555cb6251b0664a6a2cdb6370a8dde49ddee21
5300009064cd69d17d98d0b9a8316af40ef2448e19bd09315198b3b87b5e6552
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
57f5f4f10b37d44d032c674a5a0a6dd93c318570c5dc32b5180aec05cf7764e1
597f392578cf4e3146a885054c43e74c31cfe4387263ef4944aec9e49b477f84
5a44035ce00fee6265dedcd2dd4a5ae1cddfb21d63de44db541b57dda35cde83
5f8f8ad8c014a4c9d7a300fa08f98cdd0174215916cd8f0e751193dd59d72ead
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663e2c3cbc67436bcfdccb9ca092ca7dd0919b3669f6518e4987b04b82aa0bfd
66a4918c7b403189c9a1a514af2525058f10e2bf7a27bd2e1f4640bafa2341ed
688bdd21cba3009175bec69bb28ae5780c04e1da1060cb480640475367516032
69b48abad818bc8b1fd5306b128028aec77f8ba718bd3c99dacd14a44db9b5b5
69bd206cc2548b24a784eb6de6d332515be12247e003860bfb79a694716da0e4
6bce42fd456713163cfad40082ef86cc0055981e3fa9c8e4ea0e512d258f52cf
7125eb3156aa718ab08b492f4c66b784e235db87b02f0513d32a7b2cd26f7480
737bc3af4ac3bb326d8c453eec91692fc69c3e06efa07ef5afb0f7579dbc9283
73b580631e4fdfa713c34ed5467ce6eadcb6bfc2551b0221a51630c949246a2c
740aa8a2629c6410fcd0db8bd2716fb8f368a3af86d6a3cb4581c4a97de740e4
750e1a0ad391bf5f57b5828d9968e97d4b5307b3f6703985097566ee82223428
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7a828ffbfd0f178e572076fd92dc0081b059c35ff6a93248fbe14444d3e6e6e5
7add317573d8a34c8595dad256eb9066cf9bad14d3e59a69001420498bb93b37
7c09a6a020c5272b7b5990676ab9c02020f080fa1e31f0afea2c3dcb04f21053
7d7a3779422efc11707cc1450ebd87a512bd524dc0da4f424c9e2831d97baca6
7f40594e3260594cefa39548ef568403e7b207f74729e09509045ddea9c04d34
7fb6d42e0895120606ac20bdca1b11273c1dca07402ba16d332ca7b29612429d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f3ec53457478fe250edf30ef521989ba9411c189fa834c00eae110fbec00ef
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8592d5b5f07e537e10bf7f1823585bf8153d5348df3328ab69753c2ea056eaeb
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
89fcb0ca03593684ca831149575e7acd375dcac83274d5aeca2883f2f9feead1
8da3c0e66327145dcaa5fc49e22bbbf34fba70cfea77241bc1c31d8f75210712
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9050bee79013777c1bc573d0bd8f41c7d71bdbbb453b68d65a5eec72298bd669
93b992c14fdbd8938b07d2dae1398848fb9996a6e7fa2d7ec1535879cfc7b946
93f15ee3b218f40b92cdf6b380b341fa98af082cd56d0293aee7814bef55f53d
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2
99e7e19a70c8beff3f77f918c195d8590b8ca09d079289bb1ada5107f16afc2f
9afa704e1ea3f4371018a5c1843ae5f33e86f5bd65149a5f618cd2ea98b46bc4
9bbddd7f681c1f81a9f69afa4426fabc48b8b2dccc2e9ce753d5dd1cfe3674f8
9c021e60f7e8b7b4ad3672c21529c74f9a1553b36d2131c9b30c73a8aa83ca51
9f24efb6fd73babf6bb134d6d93dee2e43cf609e4fa3d55cd51f18095480863f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b803dad122ce8d1927c884c376e4462c693a189588f108cf9d0997a5e84158
a5910455615630589802ca15818aa163322871e6468f06a3660c53d6ab2936bb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9cff4d5d07941e2677fc1c9992b18d3d9878e0388d5b78f8da99e7025166909
ad687eb07a376431adff16996abbf36a0cbe26cc2564d4a5eb4cec208bdf1dc8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3b3037b84be1ef0f0dfafc75bd30480c05ac2ccda8bee8c9188308a8b81221
af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2
b25448959f4d05c6a3b63b34d3c75a93f626eedb4f53d466649cacfb6b424038
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
b39e4ea3efb18868330d6b6c67bab86370198a8210e206bba2b294da9f620745
b5ba97835894fd8056a32518f7fd51656b7f77c85416a4a2dc2ca5843feb4f1a
b642e4729ecadb18d7c24fe4c65fcf312d8fa448d4b70fe8e19f15ff038bbca7
b6864bdada069d9e3cee16d090651eb942cd22f5bca55d5a37802a092cdbf97c
b82cd968ee92ae9a20be452c2ab92c67c81c4a2447013d0e7d6a430af427af07
b930db2ff050765bc70fe1d0a52338c5b9c234051e72e431a877fc91083f77d3
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
bafdd5469ddb66debc4d9fab2e432113d5d47962d7401198f2cd0ce2d4edc6ff
bd91ae53704f04f831a3e8cdf770bc5b9a1bfad5217b7bedddee29523e507922
bfafa90ff2e4f6fadb101ba8d02f7450d086776db90f646d30ed278cf3d9d368
c0a8da59d5e2b5b4f285a514114b3ead82b671f27bbec17bad7cb129cd731f0c
c5fdee2e53bed07246b2963e16560429dd28f6b7ac67505787c91eefd412a1f4
c6d69c7a48ae8edf4aee8b1764b67d75fedc77768e5b8826e8f4a3b014fc83f3
c726b589f4fab5fd06d9d8dff114e1cd26ce9dc101a5bcdd51795467940a4d13
ccaac2a8b85879c92bbd73e67512e8e8ab0e719ad0163193081ea6abb20031cc
ce0cd401ae6129311bfe955444e97eb740425802fb63bbf1c56a8e143526cfca
ce63f1fb9a39c14d643725d204327d26b83f375c109a14bd702f9b2232bbe82b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d494aec2cea97e4c22e6527ebc10c9eca4ad5e67f85f18ab73175400642b3033
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dee22b1be00603b29523430dc6eeec750ad03a0b90d59484fe07cfaca5c9dad2
e0b76b010131b308b91644e4bc008adc04f32081bacf0e3b6297869948f6f465
e2007293804996e37afbebe6577f82709450854b005b18277b94f9e465c178a6
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3114433d2710effc6f288db0495bc1bf37914bb593f8e8edef54e5b94135184
e363d9f4bdf601b92b67bc0dd1f77f325a977951d67e227d719d5ee4cb98cb84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f95a20ad0d4ab6f51386613106c956d1f7d3179417086853c9957025d117b7
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
e9cbd901ff637c1ed78d85763b91a0368df6528a314e7fd178a9520c2d5006a7
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f
ec81fe9e874d1c5153350976a9aca25740aca011e40a3bdf0d128acb86594128
eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ca4c2bf7af7dcbf530ac07c955973065f58a20e6f7980ec0a860a9075dd561
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

hotair.com Open in urlscan Pro 2606:4700::6812:1d31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

157 Requests

97 %HTTPS

57 %IPv6

43 Domains

73 Subdomains

60 IPs

8 Countries

2904 kBTransfer

6920 kBSize

45 Cookies

2 Outgoing links

Page URL History

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hotair.com Open in urlscan Pro
2606:4700::6812:1d31 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

97 %
HTTPS

57 %
IPv6

43
Domains

73
Subdomains

60
IPs

8
Countries

2904 kB
Transfer

6920 kB
Size

45
Cookies

157 HTTP transactions
2 data transactions