www.barelytherebiden.com Open in urlscan Pro
2606:4700:3031::681c:e1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bit.ly/37U7Io4
Effective URL:
https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-...
Submission: On September 14 via manual (September 14th 2020, 8:06:14 am UTC) from US

Summary HTTP 61 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 16 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3031::681c:e1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.barelytherebiden.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2020. Valid for: a year.

This is the only time www.barelytherebiden.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
12	2606:4700:303... 2606:4700:3031::681c:e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
23	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:9344	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1 2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1	143.204.206.235 143.204.206.235	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	63.34.37.82 63.34.37.82	16509 (AMAZON-02) (AMAZON-02)
61	18

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3031::681c:e1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.barelytherebiden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:9344 (United States)

ASN13335 (CLOUDFLARENET, US)

www.donaldjtrump.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

9448820.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.206.235 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-206-235.fra53.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.37.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-37-82.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	youtube.com img.youtube.com	305 KB
12	barelytherebiden.com www.barelytherebiden.com	327 KB
4	facebook.com www.facebook.com	604 B
4	gstatic.com fonts.gstatic.com	52 KB
3	doubleclick.net 1 redirects 9448820.fls.doubleclick.net stats.g.doubleclick.net	978 B
3	facebook.net connect.facebook.net	298 KB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	2 KB
2	yimg.com s.yimg.com	7 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
1	yahoo.com sp.analytics.yahoo.com	857 B
1	google.de www.google.de	106 B
1	google.com www.google.com	106 B
1	donaldjtrump.com www.donaldjtrump.com	1 KB
1	googletagmanager.com www.googletagmanager.com	41 KB
1	bit.ly 1 redirects bit.ly	585 B
61	16

	Domain	Requested by
23	img.youtube.com	www.barelytherebiden.com
12	www.barelytherebiden.com	www.barelytherebiden.com
4	www.facebook.com	www.barelytherebiden.com
4	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.barelytherebiden.com connect.facebook.net
2	s.yimg.com	www.barelytherebiden.com s.yimg.com
2	9448820.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	insight.adsrvr.org	js.adsrvr.org
1	sp.analytics.yahoo.com	s.yimg.com
1	www.google.de	www.barelytherebiden.com
1	www.google.com	www.barelytherebiden.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.adsrvr.org	www.googletagmanager.com
1	www.donaldjtrump.com	www.barelytherebiden.com
1	www.googletagmanager.com	www.barelytherebiden.com
1	ajax.googleapis.com	www.barelytherebiden.com
1	fonts.googleapis.com	www.barelytherebiden.com
1	bit.ly	1 redirects
61	19

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.youtube.com
t.co
www.donaldjtrump.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-06` - `2020-09-20`	a month	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
Frame ID: 5DFC95A1D7303DEFCEC6627373725872
Requests: 59 HTTP requests in this frame

Frame: https://9448820.fls.doubleclick.net/activityi;dc_pre=CNHvg4GY6OsCFerAuwgdD84LVg;src=9448820;type=pagev0;cat=djt-p0;ord=8777863216042;gtm=2wg920;auiddc=51594268.1600070741;~oref=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna
Frame ID: 01C1B395BC7D642BCD304C9F5627396C
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mozu5ac&ref=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna&upid=u1mkbm0&upv=1.1.0
Frame ID: 78B6CD84C9A86288270E4D26A4BD6BC1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bit.ly/37U7Io4 HTTP 301
https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=202... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

61
Requests

100 %
HTTPS

74 %
IPv6

16
Domains

19
Subdomains

18
IPs

6
Countries

1083 kB
Transfer

2265 kB
Size

7
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/TrumpWarRoom
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/aFDWl14JpOM
Title: .st0{fill:#FFFFFF;} Decline: Why Joe Biden hasn’t taken a cognitive test

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/QJEUlIzDvfE
Title: .st0{fill:#FFFFFF;} Biden struggles to read talking points from his notes

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/qccOVJLoevY
Title: .st0{fill:#FFFFFF;} Joe Biden can't remember who briefs him

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/BcwQHHv0zEk
Title: .st0{fill:#FFFFFF;} Joe Biden calls Andrew Yang "Andrew Young"

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/LAIRRB_YA80
Title: .st0{fill:#FFFFFF;} Joe Biden just said he campaigned for Democrats "in 1918"

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/yy6uo_r4lsA
Title: .st0{fill:#FFFFFF;} Joe Biden forgets the name of one of his medical advisors

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/DcVWS2V3_ME
Title: .st0{fill:#FFFFFF;} Joe Biden confuses current PA Governor with DE Governor from the 1990s

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/SNDwBjFzvZU
Title: .st0{fill:#FFFFFF;} Joe Biden forgot the name of his own plan

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/CqlMioNOop8
Title: .st0{fill:#FFFFFF;} Obama to Biden aides: “Don’t let him embarrass himself.”

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/neoyGQ6MMeE
Title: .st0{fill:#FFFFFF;} AOC doubts Joe Biden's "capacity" to be President

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/94bQNDQMBf0
Title: .st0{fill:#FFFFFF;} The media shares their worries about Biden’s mental stamina and fitness

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/Cnt7QbkeqV8
Title: .st0{fill:#FFFFFF;} Joe Rogan: “Trump is going to eat Biden alive."

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/MTG9wWvHEDI
Title: .st0{fill:#FFFFFF;} Jake Tapper reads statement from "Senior Obama Administration Official" questioning Biden's stamina

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/en4BBy3-Bzc
Title: .st0{fill:#FFFFFF;} Julian Castro calls out Biden for forgetting what he said two minutes earlier

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/KzcfjLwXwD8
Title: .st0{fill:#FFFFFF;} Tim Ryan says Joe Biden is "declining" and does not have the "energy" to beat Trump

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=https://www.barelytherebiden.com
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/TrumpWarRoom/
Title: Twitter Feed

Search URL Search Domain Scan URL

URL: https://t.co/8Yw9VhTFmc
Title: twitter.com/i/web/status/1…

Search URL Search Domain Scan URL

URL: https://twitter.com/TrumpWarRoom/statuses/1305274813498503169
Title: View on Twitter

Search URL Search Domain Scan URL

URL: https://t.co/7rWq1RHY8b
Title: twitter.com/i/web/status/1…

Search URL Search Domain Scan URL

URL: https://twitter.com/TrumpWarRoom/statuses/1305262773195202562
Title: View on Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/search?q=%23GrandparentsDay
Title: #GrandparentsDay

Search URL Search Domain Scan URL

URL: https://t.co/hY2eGKrGyi
Title: freebeacon.com/satire/biden-g…

Search URL Search Domain Scan URL

URL: https://twitter.com/TrumpWarRoom/statuses/1305260111808483329
Title: View on Twitter

Search URL Search Domain Scan URL

URL: https://t.co/RhuGY344ik
Title: nbc12.com/2020/09/13/tho…

Search URL Search Domain Scan URL

URL: https://twitter.com/TrumpWarRoom/statuses/1305242778235006976
Title: View on Twitter

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.donaldjtrump.com/terms-of-service/
Title: Terms & Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bit.ly/37U7Io4 HTTP 301
https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://9448820.fls.doubleclick.net/activityi;src=9448820;type=pagev0;cat=djt-p0;ord=8777863216042;gtm=2wg920;auiddc=51594268.1600070741;~oref=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna HTTP 302
https://9448820.fls.doubleclick.net/activityi;dc_pre=CNHvg4GY6OsCFerAuwgdD84LVg;src=9448820;type=pagev0;cat=djt-p0;ord=8777863216042;gtm=2wg920;auiddc=51594268.1600070741;~oref=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.barelytherebiden.com/
Redirect Chain

http://bit.ly/37U7Io4
https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_...

42 KB
8 KB

692ms
644ms

Document
text/html

2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e870f755bf319e2fd4ac80d641177fc01e6566a210f5cf3cbcd6adbadd1b0f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.barelytherebiden.com
:scheme: https
:path: /?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 14 Sep 2020 08:05:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7afebce23b27dea319688207547defdb1600070739; expires=Wed, 14-Oct-20 08:05:39 GMT; path=/; domain=.barelytherebiden.com; HttpOnly; SameSite=Lax; Secure
x-frame-options: SAMEORIGIN SAMEORIGIN
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 14 Sep 2020 08:05:39 GMT
pragma: no-cache
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
cf-request-id: 052d3efd9900002b2939236200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d289aa8f9182b29-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Mon, 14 Sep 2020 08:05:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 374
Cache-Control: private, max-age=90
Location: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
Set-Cookie: _bit=k8e85D-caf759be67e1da7651-00t; Domain=bit.ly; Expires=Sat, 13 Mar 2021 08:05:39 GMT
Via: 1.1 google

GET
H2 200 css
fonts.googleapis.com/ 8 KB
792 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:500,600,700,900&display=swap

Requested by

Host: www.barelytherebiden.com
URL: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

054ffda29ceb267a3f28d9eee3b706e808c22619ac1833e27ea077eec428e2ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 08:05:40 GMT
server: ESF
date: Mon, 14 Sep 2020 08:05:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Sep 2020 08:05:40 GMT

GET
H2 200 featherlight.min.css
www.barelytherebiden.com/images/site/ 2 KB
766 B 314ms
311ms Stylesheet
text/css 2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barelytherebiden.com/images/site/featherlight.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5073f4bda3ea4b5498e86e724999dda152b3409601495176a6ab3898fac311c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
cf-request-id: 052d3f002a00002b2939272200000001
last-modified: Fri, 11 Sep 2020 16:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f5ba4c3-74c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 5d289aad1abc2b29-FRA

GET
H2 200 screen.css
www.barelytherebiden.com/images/site/ 31 KB
6 KB 487ms
485ms Stylesheet
text/css 2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barelytherebiden.com/images/site/screen.css?v=200914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41fb06b5825395bf32c062d2fc0c77eb13fadde6781c2a76116a7736fc14d57f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
cf-request-id: 052d3f002a00002b2939273200000001
last-modified: Fri, 11 Sep 2020 16:24:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f5ba4c2-7c7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 5d289aad1abe2b29-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601153
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 09:06:27 GMT

GET
H2 200 featherlight.min.js Show response
www.barelytherebiden.com/images/site/ 9 KB
4 KB 313ms
311ms Script
application/javascript 2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barelytherebiden.com/images/site/featherlight.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ffc6a618811ab08cd3ffd3ed154f98e67a785daa12824a44a99854f968f1993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
cf-request-id: 052d3f002a00002b2939274200000001
last-modified: Fri, 11 Sep 2020 16:24:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f5ba4c2-24fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 5d289aad1ac02b29-FRA

GET
H2 200 jquery.html5-placeholder-shim.js Show response
www.barelytherebiden.com/images/site/ 4 KB
1 KB 333ms
331ms Script
application/javascript 2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barelytherebiden.com/images/site/jquery.html5-placeholder-shim.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfb37975e894f9bf82714e70401302f0f79b0f3d194764a2f449994f16794a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
cf-request-id: 052d3f002a00002b2939275200000001
last-modified: Fri, 11 Sep 2020 16:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f5ba4c3-ea1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 5d289aad1ac22b29-FRA

GET
H2 200 bodyScrollLock.min.js Show response
www.barelytherebiden.com/images/site/ 3 KB
1 KB 330ms
328ms Script
application/javascript 2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barelytherebiden.com/images/site/bodyScrollLock.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2619bdf0e0a9d79b74fed1389ca2d3da61f0818813b76c31a626459f83d5d48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
cf-request-id: 052d3f002b00002b2939276200000001
last-modified: Fri, 11 Sep 2020 16:24:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f5ba4c2-b16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 5d289aad1ac52b29-FRA

GET
H2 200 list.js Show response
www.barelytherebiden.com/images/site/ 48 KB
11 KB 639ms
637ms Script
application/javascript 2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barelytherebiden.com/images/site/list.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

042084590dd78100194ee85e99ca70a31a1ec390238e1ae68aa14bb6a8918f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
cf-request-id: 052d3f002b00002b2939277200000001
last-modified: Fri, 11 Sep 2020 16:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f5ba4c3-bfc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 5d289aad1ac62b29-FRA

GET
H2 200 site.js Show response
www.barelytherebiden.com/images/site/ 6 KB
2 KB 332ms
330ms Script
application/javascript 2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.barelytherebiden.com/images/site/site.js?v=200914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a94aec2ba486782ece8a3e09f48b46228bd1740b4fa726c49776bac47650c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
cf-request-id: 052d3f002b00002b2939278200000001
last-modified: Fri, 11 Sep 2020 16:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f5ba4c3-18b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 5d289aad1ac72b29-FRA

GET
H2 200 bannerlogo2.png
www.barelytherebiden.com/images/site/ 23 KB
23 KB 483ms
482ms Image
image/png 2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.barelytherebiden.com/images/site/bannerlogo2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6825a189da97c417ee5148c3360ec34623d2fb340e8b399760dedfba67acbab5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 23793
cf-request-id: 052d3f021000002b29392b8200000001
last-modified: Fri, 11 Sep 2020 16:24:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f5ba4c2-5cf1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d289ab0196b2b29-FRA

GET
H2 200 quote.png
www.barelytherebiden.com/images/site/ 2 KB
3 KB 311ms
311ms Image
image/png 2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.barelytherebiden.com/images/site/quote.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

487071bbffa8e472b461255ca3262f5923b11e2953e91fd9097fe74657c8c3f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 2552
cf-request-id: 052d3f02ab00002b29392c0200000001
last-modified: Fri, 11 Sep 2020 16:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f5ba4c3-9f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d289ab11bd02b29-FRA

GET
H2 200 footerlogo.png
www.barelytherebiden.com/images/site/ 11 KB
11 KB 342ms
341ms Image
image/png 2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.barelytherebiden.com/images/site/footerlogo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffb8fd1c1c617ea1934b6ab1fdbaec5dd1a800edf54d73b0a1a7a7cc42f96071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 10932
cf-request-id: 052d3f02ae00002b29392c1200000001
last-modified: Fri, 11 Sep 2020 16:24:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f5ba4c3-2ab4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d289ab11be82b29-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 132 KB
41 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:81b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

981510290e65b8670be97aee94889755dcfb0062445acb7a63f5568155fead7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41466
x-xss-protection: 0
last-modified: Mon, 14 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Sep 2020 08:05:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: 41xoJ0xveaoKCGXlWVvIJepaw3eVrlOHhQn6Qz9jSCSMN4fKiCCZx5E72V7mJFwxkjO1mmeItrOlhtnm6sH3Ww==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 14 Sep 2020 08:05:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 desktopbg.jpg
www.barelytherebiden.com/images/site/ 257 KB
258 KB 622ms
621ms Image
image/jpeg 2606:4700:3031::681c:e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.barelytherebiden.com/images/site/desktopbg.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77bb4a928dc3e7f305a2e33456d5f337b49608122f531b47a8f9b6ec932230ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 263331
cf-request-id: 052d3f02b500002b29392c3200000001
last-modified: Fri, 11 Sep 2020 16:24:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f5ba4c2-404a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5d289ab12c0f2b29-FRA

GET
H2 200 0.jpg
img.youtube.com/vi/aFDWl14JpOM/ 11 KB
11 KB 46ms
20ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/aFDWl14JpOM/0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0bfd789a94f96a5990a156f0b6a970ad5a81293b1aa59beed5c0302577f2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10953
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/QJEUlIzDvfE/ 10 KB
10 KB 51ms
26ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/QJEUlIzDvfE/0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dd8cf8a9a06890dc1863bc5114686d945515c8d704f6dc90bfc5b4e2f1005fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10658
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/qccOVJLoevY/ 16 KB
16 KB 46ms
21ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/qccOVJLoevY/0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28afef32e7da8d64015bc3d5bcefca3891e141eac1ba1978e414bf358ee8fd4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16164
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/BcwQHHv0zEk/ 9 KB
10 KB 53ms
29ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/BcwQHHv0zEk/0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a504fe62d5927b96eea55db1f802dcc47fdd9b31d02ba81f0ae1d6f6c8d239c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9698
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/LAIRRB_YA80/ 12 KB
12 KB 55ms
31ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/LAIRRB_YA80/0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8df2f2bb43426c550550dca84aaa575cc58c2aa7580d3b3f4c6dfba9149f790b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11976
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/yy6uo_r4lsA/ 14 KB
14 KB 51ms
28ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/yy6uo_r4lsA/0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

603f13a83c3732ad93f057e2eee82f45aef8c7e22046a48c51b0ff3ef6cdeb99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13903
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/DcVWS2V3_ME/ 11 KB
11 KB 45ms
30ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/DcVWS2V3_ME/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d99eb80d31c27da7ff5db56b5edcf9349a9dcf063f9a07ea662bb9d94076cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10792
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/SNDwBjFzvZU/ 13 KB
14 KB 44ms
29ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/SNDwBjFzvZU/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c3bd0ffd9254922aa6adc58f13487b8221da8b663bf7b5bc4775fc36de1ead8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "1586349191"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13722
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/N4ezxcYqhJk/ 9 KB
10 KB 57ms
42ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/N4ezxcYqhJk/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0f7a72533a01299bca6c5fc34cf5b47ba99bd90e83e58f6a83b469bef48705e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9715
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/Gr32ONtSKaM/ 14 KB
14 KB 56ms
41ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Gr32ONtSKaM/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84515b37363b1e5de63466123faa14a31bbb09260c28f2eca8530a015b353910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14205
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/KjyY_UBfKtw/ 14 KB
14 KB 58ms
42ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/KjyY_UBfKtw/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f2c16c05d068b038c67e36f84d57c76808f60780636085448662278cfdebe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14189
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/umbTUOzgz8M/ 12 KB
12 KB 50ms
35ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/umbTUOzgz8M/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

812ba5a0b143d88b48c09b33fa8239f6be609fac9ee56fd79239bb14bf8aae60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12156
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/aiRlCU5vSrE/ 15 KB
15 KB 58ms
44ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/aiRlCU5vSrE/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79fd572747f06b5e830e53d2e138dbd438c8cdbc8a60bff78e542795edc03a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "1585595957"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15813
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/prYZdsAJDBc/ 7 KB
7 KB 55ms
40ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/prYZdsAJDBc/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa24817f1da3b885449e2af1e04639a9e073a51e1696b1da0a91e94d512a4049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7484
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/muC0V2SyBpY/ 15 KB
15 KB 56ms
41ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/muC0V2SyBpY/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28335860b934f0ae521c2f1347dc26ebf2a2a5f16d34f32f45121ed74defdcce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15103
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/-Lc2XUS_tSI/ 21 KB
21 KB 46ms
30ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/-Lc2XUS_tSI/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbf24cd80102db062dffc8dc3f0e75680347b6979b6105f2dc662ce01dbdcaad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21287
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/CqlMioNOop8/ 19 KB
19 KB 76ms
60ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/CqlMioNOop8/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109b0352d6a7715c1d1bc36d288c4afbc0ca8428bafafb643267896c71175c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18987
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/neoyGQ6MMeE/ 9 KB
9 KB 77ms
62ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/neoyGQ6MMeE/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ed5ab181b3e09620388a6a3cdbbbcf2ea8d523666b0d07ee177eebba985a92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9468
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/94bQNDQMBf0/ 9 KB
9 KB 61ms
46ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/94bQNDQMBf0/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3242b5e366e2f33e013553b50b6d2800b19c8ddd8f63bdb88beaf2e5a7c0844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "1590786168"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9484
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/Cnt7QbkeqV8/ 14 KB
14 KB 68ms
52ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Cnt7QbkeqV8/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c880745336cc490aa487a2c2e78e833c7e6569a01e0717b095d7411cc5b7ee07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13938
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/MTG9wWvHEDI/ 21 KB
21 KB 70ms
54ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/MTG9wWvHEDI/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6988b07467ad7befdaade0a198a4ec961dc610484849fc1f7887846baeb01bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21339
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/en4BBy3-Bzc/ 11 KB
11 KB 77ms
61ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/en4BBy3-Bzc/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6aca0ed083e0858aca7d5d273d59844b681fd666bd9461d456c252f8d1afccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "1591046059"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11635
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H3-Q050 200 0.jpg
img.youtube.com/vi/KzcfjLwXwD8/ 18 KB
18 KB 69ms
53ms Image
image/jpeg 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/KzcfjLwXwD8/0.jpg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd4fa537891d8946bebe450fd45e9f2f3929184c951d328c35d2e62b700313c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 14 Sep 2020 10:05:40 GMT

GET
H2 200 twitter.svg
www.donaldjtrump.com/assets/images/site/icons/ 788 B
1 KB 45ms
23ms Image
image/svg+xml 2606:4700::6812:9344
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.donaldjtrump.com/assets/images/site/icons/twitter.svg

Requested by

Host: www.barelytherebiden.com
URL: https://www.barelytherebiden.com/images/site/screen.css?v=200914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9344 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be656800ef221942ea2e4eafd14425aa5985f1476f33b0aaa0255b097e37081a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/images/site/screen.css?v=200914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 414
status: 200
cf-request-id: 052d3f02d10000d6b5ea12c200000001
last-modified: Fri, 11 Sep 2020 21:59:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f5bf341-314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: public, max-age=2678400
cf-ray: 5d289ab14b63d6b5-FRA
expires: Thu, 15 Oct 2020 08:05:40 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.barelytherebiden.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:500,600,700,900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:04:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 594097
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Tue, 07 Sep 2021 11:04:03 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.barelytherebiden.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:500,600,700,900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:04:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 594073
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Tue, 07 Sep 2021 11:04:27 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.barelytherebiden.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:500,600,700,900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:04:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
age: 594097
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13640
x-xss-protection: 0
expires: Tue, 07 Sep 2021 11:04:03 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.barelytherebiden.com
Referer: https://fonts.googleapis.com/css?family=Montserrat:500,600,700,900&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 11:04:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:58 GMT
server: sffe
age: 594087
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12504
x-xss-protection: 0
expires: Tue, 07 Sep 2021 11:04:13 GMT

GET
H2 200 2558854747672869 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2558854747672869?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acd9812bf01bd1b89fed311ab3361587567d3fd9d62463a896985c4380aab93a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134876
x-xss-protection: 0
pragma: public
x-fb-debug: Y0VcZKAdCKhUYiZBZ2TPUzlwbHglLtf02VA/MoTJGuEqRvLl/42WXoDECr1jOXUrwNd6WNWDe3jRyMsogXYxtQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 14 Sep 2020 08:05:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 3000
date: Mon, 14 Sep 2020 07:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Mon, 14 Sep 2020 09:15:40 GMT

GET
H3-Q050

200

activityi;dc_pre=CNHvg4GY6OsCFerAuwgdD84LVg;src=9448820;type=pagev0;cat=djt-p0;ord=8777863216042;gtm=2wg920;auiddc=51594268.1600070741;~oref=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3...
9448820.fls.doubleclick.net/ Frame 01C1
Redirect Chain

https://9448820.fls.doubleclick.net/activityi;src=9448820;type=pagev0;cat=djt-p0;ord=8777863216042;gtm=2wg920;auiddc=51594268.1600070741;~oref=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium...
https://9448820.fls.doubleclick.net/activityi;dc_pre=CNHvg4GY6OsCFerAuwgdD84LVg;src=9448820;type=pagev0;cat=djt-p0;ord=8777863216042;gtm=2wg920;auiddc=51594268.1600070741;~oref=https%3A%2F%2Fwww.ba...

0
0

68ms
40ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9448820.fls.doubleclick.net/activityi;dc_pre=CNHvg4GY6OsCFerAuwgdD84LVg;src=9448820;type=pagev0;cat=djt-p0;ord=8777863216042;gtm=2wg920;auiddc=51594268.1600070741;~oref=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9448820.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNHvg4GY6OsCFerAuwgdD84LVg;src=9448820;type=pagev0;cat=djt-p0;ord=8777863216042;gtm=2wg920;auiddc=51594268.1600070741;~oref=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 14 Sep 2020 08:05:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 522
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 14-Sep-2020 08:20:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 14 Sep 2020 08:05:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9448820.fls.doubleclick.net/activityi;dc_pre=CNHvg4GY6OsCFerAuwgdD84LVg;src=9448820;type=pagev0;cat=djt-p0;ord=8777863216042;gtm=2wg920;auiddc=51594268.1600070741;~oref=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 56ms
18ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: 6HBW7W0V1KDW3T5R
x-amz-id-2: kRqK0FRXOz8xGYHLlCiAyVxeT31VjCa8trcjPT8RSaBve+aByiknk5LhuqFPcc6K/EpVjUXDTyQ=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 16 Sep 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 11 Aug 2020 09:21:22 GMT
server: ATS
etag: "4af30fdfb3f25202fae672877237b12e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: v0T4VwTcSKojm0k.rRPUA2jezlg4p0ZC
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 5573
content-type: application/javascript

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 70ms
22ms Script
application/x-javascript 143.204.206.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M27JCG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.206.235 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-206-235.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Sep 2020 16:48:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Aug 2020 16:44:58 GMT
Server: AmazonS3
Age: 55035
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: dGT5wIn48S64IeKogYIvDw0C2qC71QGl5oD-OiudL7S6mO1y73vGlg==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
72 B 13ms
13ms XHR
text/plain 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1157180803&t=pageview&_s=1&dl=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna&ul=en-us&de=UTF-8&dt=Barely%20There%20Biden&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=118043786&gjid=355310766&cid=238073591.1600070741&tid=UA-60901920-1&_gid=188049863.1600070741&_r=1&gtm=2wg920M27JCG&z=1925615803

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.barelytherebiden.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 181084665799192 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/181084665799192?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dd16bea801dc62775e156b856330ec491e97abbf6ca32893e067ce99be9fc52b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134890
x-xss-protection: 0
pragma: public
x-fb-debug: LPGxlQf8Fh4VJVWBZ+S03uIas74YSmgLqE34dGuvtPzY9ggS5HdT7fEV8qfZATEZ0kKZcnGviyfvO6OQvTXsKw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 14 Sep 2020 08:05:40 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2558854747672869&ev=PageView&dl=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna&rl=&if=false&ts=1600070740913&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1600070740911.311685109&it=1600070740841&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Sep 2020 08:05:40 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-60901920-1&cid=238073591.1600070741&jid=118043786&gjid=355310766&_gid=188049863.1600070741&_u=YEBAAEAAAAAAAC~&z=11891749

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Sep 2020 08:05:40 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.barelytherebiden.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10096637.json Show response
s.yimg.com/wi/config/ 2 B
494 B 148ms
117ms XHR
application/json 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10096637.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: B5EC0964A3B547EB
x-amz-id-2: ogHQSWzEVg1oyeB+Q6sjH/6vQThQvvphyaQH6OkYnG6kIU7R98N/ax1eq3AeFJmpKWjtpNsO9V4=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 19ms
18ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-60901920-1&cid=238073591.1600070741&jid=118043786&_u=YEBAAEAAAAAAAC~&z=1228205241

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 18ms
17ms Image
image/gif 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-60901920-1&cid=238073591.1600070741&jid=118043786&_u=YEBAAEAAAAAAAC~&z=1228205241

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Sep 2020 08:05:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=181084665799192&ev=PageView&dl=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna&rl=&if=false&ts=1600070740946&sw=1600&sh=1200&v=2.9.24&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1600070740911.311685109&it=1600070740841&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Sep 2020 08:05:40 GMT

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
857 B 324ms
42ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2014%20Sep%202020%2008%3A05%3A41%20GMT&n=-2d&b=Barely%20There%20Biden&.yp=10096637&f=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna&enc=UTF-8&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 14 Sep 2020 08:05:41 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Mon, 14 Sep 2020 08:05:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2558854747672869&ev=Microdata&dl=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna&rl=&if=false&ts=1600070741416&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Barely%20There%20Biden%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Barely%20There%20Biden%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.donaldjtrump.com%2Fmicrosites-assets%2Farmyfortrump%2Fgeneral%2FBarelyThereBidenShareImage_copy.jpg%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1600070740911.311685109&it=1600070740841&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Sep 2020 08:05:41 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=181084665799192&ev=Microdata&dl=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna&rl=&if=false&ts=1600070741448&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Barely%20There%20Biden%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Barely%20There%20Biden%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.donaldjtrump.com%2Fmicrosites-assets%2Farmyfortrump%2Fgeneral%2FBarelyThereBidenShareImage_copy.jpg%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1600070740911.311685109&it=1600070740841&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 08:05:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Sep 2020 08:05:41 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 78B6 0
0 107ms
35ms Document
text/html 63.34.37.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=mozu5ac&ref=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna&upid=u1mkbm0&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.37.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-37-82.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=mozu5ac&ref=https%3A%2F%2Fwww.barelytherebiden.com%2F%3Futm_medium%3Dsms%26utm_source%3Dopns_djt_audience14401_political%26utm_campaign%3D20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na%26utm_content%3Dna%26amount%3Dna&upid=u1mkbm0&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.barelytherebiden.com/?utm_medium=sms&utm_source=opns_djt_audience14401_political&utm_campaign=20200621_na_sleepy-joe-2-economy-az5_djtfp_djt_na_na_audience14401_creative101123_na_na_na_na_political_na_na_na_opns_persuasion_na_na_na_na&utm_content=na&amount=na

Response headers

status: 200
date: Mon, 14 Sep 2020 08:05:41 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.barelytherebiden.com/	1970-01-19 14:37:26	Name: _fbp Value: fb.1.1600070740911.311685109
.barelytherebiden.com/	1970-01-19 12:27:50	Name: _gat_UA-60901920-1 Value: 1
.doubleclick.net/	1970-01-19 12:27:51	Name: test_cookie Value: CheckForPermission
.barelytherebiden.com/	1970-01-19 12:29:17	Name: _gid Value: GA1.2.188049863.1600070741
.barelytherebiden.com/	1970-01-20 05:59:02	Name: _ga Value: GA1.2.238073591.1600070741
.barelytherebiden.com/	1970-01-19 14:37:26	Name: _gcl_au Value: 1.1.51594268.1600070741
.barelytherebiden.com/	1970-01-19 13:11:02	Name: __cfduid Value: d7afebce23b27dea319688207547defdb1600070739

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 2558854747672869.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9448820.fls.doubleclick.net
ajax.googleapis.com
bit.ly
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
img.youtube.com
insight.adsrvr.org
js.adsrvr.org
s.yimg.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
www.barelytherebiden.com
www.donaldjtrump.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
143.204.206.235
172.217.16.134
212.82.100.181
2606:4700:3031::681c:e1
2606:4700::6812:9344
2a00:1288:f03d:1fa::4000
2a00:1450:4001:801::200a
2a00:1450:4001:814::200a
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:81b::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2004
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
63.34.37.82
67.199.248.10
042084590dd78100194ee85e99ca70a31a1ec390238e1ae68aa14bb6a8918f71
054ffda29ceb267a3f28d9eee3b706e808c22619ac1833e27ea077eec428e2ef
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0c3bd0ffd9254922aa6adc58f13487b8221da8b663bf7b5bc4775fc36de1ead8
0dd8cf8a9a06890dc1863bc5114686d945515c8d704f6dc90bfc5b4e2f1005fe
109b0352d6a7715c1d1bc36d288c4afbc0ca8428bafafb643267896c71175c3e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ed5ab181b3e09620388a6a3cdbbbcf2ea8d523666b0d07ee177eebba985a92c
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b
2619bdf0e0a9d79b74fed1389ca2d3da61f0818813b76c31a626459f83d5d48c
28335860b934f0ae521c2f1347dc26ebf2a2a5f16d34f32f45121ed74defdcce
28afef32e7da8d64015bc3d5bcefca3891e141eac1ba1978e414bf358ee8fd4f
41fb06b5825395bf32c062d2fc0c77eb13fadde6781c2a76116a7736fc14d57f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
487071bbffa8e472b461255ca3262f5923b11e2953e91fd9097fe74657c8c3f6
48f2c16c05d068b038c67e36f84d57c76808f60780636085448662278cfdebe5
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
5073f4bda3ea4b5498e86e724999dda152b3409601495176a6ab3898fac311c1
603f13a83c3732ad93f057e2eee82f45aef8c7e22046a48c51b0ff3ef6cdeb99
6825a189da97c417ee5148c3360ec34623d2fb340e8b399760dedfba67acbab5
6988b07467ad7befdaade0a198a4ec961dc610484849fc1f7887846baeb01bbd
6a504fe62d5927b96eea55db1f802dcc47fdd9b31d02ba81f0ae1d6f6c8d239c
6a94aec2ba486782ece8a3e09f48b46228bd1740b4fa726c49776bac47650c8a
6e870f755bf319e2fd4ac80d641177fc01e6566a210f5cf3cbcd6adbadd1b0f5
77bb4a928dc3e7f305a2e33456d5f337b49608122f531b47a8f9b6ec932230ab
79fd572747f06b5e830e53d2e138dbd438c8cdbc8a60bff78e542795edc03a0c
812ba5a0b143d88b48c09b33fa8239f6be609fac9ee56fd79239bb14bf8aae60
84515b37363b1e5de63466123faa14a31bbb09260c28f2eca8530a015b353910
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
88cf2c9a4c4bcef2aa64fb6ea0f337f78e9a7dc61d87993441369fa5cb429d32
8df2f2bb43426c550550dca84aaa575cc58c2aa7580d3b3f4c6dfba9149f790b
981510290e65b8670be97aee94889755dcfb0062445acb7a63f5568155fead7f
9ffc6a618811ab08cd3ffd3ed154f98e67a785daa12824a44a99854f968f1993
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
aa24817f1da3b885449e2af1e04639a9e073a51e1696b1da0a91e94d512a4049
acd9812bf01bd1b89fed311ab3361587567d3fd9d62463a896985c4380aab93a
ae0bfd789a94f96a5990a156f0b6a970ad5a81293b1aa59beed5c0302577f2ff
b6aca0ed083e0858aca7d5d273d59844b681fd666bd9461d456c252f8d1afccc
be656800ef221942ea2e4eafd14425aa5985f1476f33b0aaa0255b097e37081a
c880745336cc490aa487a2c2e78e833c7e6569a01e0717b095d7411cc5b7ee07
cbf24cd80102db062dffc8dc3f0e75680347b6979b6105f2dc662ce01dbdcaad
cd4fa537891d8946bebe450fd45e9f2f3929184c951d328c35d2e62b700313c4
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
d0f7a72533a01299bca6c5fc34cf5b47ba99bd90e83e58f6a83b469bef48705e
d3242b5e366e2f33e013553b50b6d2800b19c8ddd8f63bdb88beaf2e5a7c0844
dd16bea801dc62775e156b856330ec491e97abbf6ca32893e067ce99be9fc52b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb37975e894f9bf82714e70401302f0f79b0f3d194764a2f449994f16794a83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d99eb80d31c27da7ff5db56b5edcf9349a9dcf063f9a07ea662bb9d94076cb
ffb8fd1c1c617ea1934b6ab1fdbaec5dd1a800edf54d73b0a1a7a7cc42f96071

www.barelytherebiden.com Open in urlscan Pro 2606:4700:3031::681c:e1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

74 %IPv6

16 Domains

19 Subdomains

18 IPs

6 Countries

1083 kBTransfer

2265 kBSize

7 Cookies

29 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.barelytherebiden.com Open in urlscan Pro
2606:4700:3031::681c:e1 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

74 %
IPv6

16
Domains

19
Subdomains

18
IPs

6
Countries

1083 kB
Transfer

2265 kB
Size

7
Cookies

61 HTTP transactions
0 data transactions