urlscan.io logo urlscan.io
SecurityTrails logo

www.mediaite.com Open in urlscan Pro
2606:4700:10::6816:3a6e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Effective URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Submission: On July 13 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 7 countries across 42 domains to perform 141 HTTP transactions. The main IP is 2606:4700:10::6816:3a6e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mediaite.com. The Cisco Umbrella rank of the primary domain is 132373.
TLS certificate: Issued by WE1 on June 14th 2024. Valid for: 3 months.
This is the only time www.mediaite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 52.218.221.27 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 104.16.160.145 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
4 104.18.24.111 13335 (CLOUDFLAR...)
7 13.224.189.98 16509 (AMAZON-02)
1 4 18.244.18.38 16509 (AMAZON-02)
5 151.101.193.44 54113 (FASTLY)
1 2620:116:800d... 16509 (AMAZON-02)
3 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 146.75.120.157 54113 (FASTLY)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 87.230.98.78 61157 (PLUSSERVE...)
3 2a02:6ea0:c70... 60068 (CDN77 _)
1 93.184.221.165 15133 (EDGECAST)
1 104.244.42.3 13414 (TWITTER)
2 87.230.98.76 61157 (PLUSSERVE...)
1 142.250.186.174 15169 (GOOGLE)
1 172.217.18.14 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
1 151.101.1.44 54113 (FASTLY)
1 2600:9000:264... 16509 (AMAZON-02)
1 13.224.189.78 16509 (AMAZON-02)
1 3.161.82.122 16509 (AMAZON-02)
2 172.217.18.2 15169 (GOOGLE)
1 3.225.63.64 14618 (AMAZON-AES)
2 199.232.192.134 54113 (FASTLY)
2 13.224.186.120 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
2 104.18.20.97 13335 (CLOUDFLAR...)
1 3.160.150.105 16509 (AMAZON-02)
1 18.245.31.65 16509 (AMAZON-02)
6 18.66.143.149 16509 (AMAZON-02)
1 13.32.27.78 16509 (AMAZON-02)
2 13.32.99.59 16509 (AMAZON-02)
2 157.240.0.6 32934 (FACEBOOK)
1 34.120.253.250 396982 (GOOGLE-CL...)
1 2.16.185.46 16625 (AKAMAI-AS)
2 3.221.23.185 14618 (AMAZON-AES)
1 104.244.42.8 13414 (TWITTER)
5 34.98.72.95 396982 (GOOGLE-CL...)
1 34.111.8.32 396982 (GOOGLE-CL...)
1 54.234.151.247 ()
1 23.53.112.234 16625 (AKAMAI-AS)
2 216.58.206.72 15169 (GOOGLE)
1 142.250.185.206 15169 (GOOGLE)
141 58
17    2606:4700:10::6816:3a6e (United States)

ASN13335 (CLOUDFLARENET, US)
www.mediaite.com
am14.mediaite.com
am11.mediaite.com
am12.mediaite.com
am13.mediaite.com
3    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::ac43:1906 (United States)

ASN13335 (CLOUDFLARENET, US)
am11.mediaite.com
1    52.218.221.27 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com
simple-cdn.s3.amazonaws.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
img.youtube.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
3    104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    104.18.24.111 (None, )

ASN13335 (CLOUDFLARENET, US)
profusesupport.com
soggysponge.com
7    13.224.189.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-98.fra2.r.cloudfront.net
ads.adthrive.com
4    18.244.18.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-38.fra56.r.cloudfront.net
sb.scorecardresearch.com
5    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
3    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.at
5    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
www.youtube.com
5    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
platform.twitter.com
1    2600:9000:223c:6600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2600:9000:223f:fc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    87.230.98.78 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ds87-230-98-78.dedicated.psmanaged.com
b.delivery.consentmanager.net
3    2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
cdn.consentmanager.net
1    93.184.221.165 (London, United Kingdom)

ASN15133 (EDGECAST, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    87.230.98.76 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5050018.psmanaged.com
c.delivery.consentmanager.net
1    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
apis.google.com
1    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f14.1e100.net
www.youtube.com
5    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
1    2600:9000:2646:6200:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    13.224.189.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-78.fra2.r.cloudfront.net
ads.adthrive.com
1    3.161.82.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-122.fra56.r.cloudfront.net
c.aps.amazon-adsystem.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
securepubads.g.doubleclick.net
1    3.225.63.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-63-64.compute-1.amazonaws.com
ping.chartbeat.net
2    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
mediaite.disqus.com
2    13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:225e:b800:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
2    104.18.20.97 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    3.160.150.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-105.fra60.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    18.245.31.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-65.fra56.r.cloudfront.net
config.aps.amazon-adsystem.com
6    18.66.143.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-143-149.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    13.32.27.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-78.fra56.r.cloudfront.net
launchpad.privacymanager.io
2    13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net
geo.privacymanager.io
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
1    2.16.185.46 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-185-46.deploy.static.akamaitechnologies.com
s.ntv.io
2    3.221.23.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-23-185.compute-1.amazonaws.com
powerad.ai
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
5    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
1    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
events.bouncex.net
1    54.234.151.247 (None, )

ASN- ()
reporting.powerad.ai
1    23.53.112.234 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-112-234.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f8.1e100.net
www.googletagmanager.com
1    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
18 mediaite.com
www.mediaite.com — Cisco Umbrella Rank: 132373
am14.mediaite.com — Cisco Umbrella Rank: 141565
am11.mediaite.com — Cisco Umbrella Rank: 144059
am12.mediaite.com — Cisco Umbrella Rank: 141039
am13.mediaite.com — Cisco Umbrella Rank: 147705
804 KB
10 amazon-adsystem.com
c.aps.amazon-adsystem.com — Cisco Umbrella Rank: 5536
c.amazon-adsystem.com — Cisco Umbrella Rank: 360
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 714
aax.amazon-adsystem.com — Cisco Umbrella Rank: 488
79 KB
8 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 7147
539 KB
6 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 4682
assets.bounceexchange.com — Cisco Umbrella Rank: 2452
187 KB
6 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 876
platform.twitter.com — Cisco Umbrella Rank: 1315
syndication.twitter.com — Cisco Umbrella Rank: 1611
31 KB
6 consentmanager.net
b.delivery.consentmanager.net — Cisco Umbrella Rank: 23894
cdn.consentmanager.net — Cisco Umbrella Rank: 14468
c.delivery.consentmanager.net — Cisco Umbrella Rank: 32690
122 KB
6 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 794
pm-widget.taboola.com — Cisco Umbrella Rank: 3236
trc.taboola.com Failed
265 KB
6 google.com
apis.google.com — Cisco Umbrella Rank: 225
region1.analytics.google.com — Cisco Umbrella Rank: 3541
accounts.google.com — Cisco Umbrella Rank: 44
121 KB
5 gstatic.com
ssl.gstatic.com
1 KB
5 youtube.com
img.youtube.com — Cisco Umbrella Rank: 1864
www.youtube.com — Cisco Umbrella Rank: 98
142 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 72
395 KB
4 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2369
launchpad.privacymanager.io — Cisco Umbrella Rank: 2043
geo.privacymanager.io — Cisco Umbrella Rank: 1983
74 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 67
21 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 164
8 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 191
160 KB
3 powerad.ai
powerad.ai — Cisco Umbrella Rank: 33379
reporting.powerad.ai
52 KB
3 soggysponge.com
soggysponge.com — Cisco Umbrella Rank: 165771
8 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 133
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 234
177 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
3 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4795
onesignal.com — Cisco Umbrella Rank: 1596
74 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1815
171 KB
2 disqus.com
mediaite.disqus.com — Cisco Umbrella Rank: 163900
3 KB
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 596
76 KB
1 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2343
330 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 4048
179 KB
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 3243
12 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1324
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1637
15 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 460
11 KB
1 t.co
t.co — Cisco Umbrella Rank: 767
375 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 763
481 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1515
632 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 839
15 KB
1 google.at
www.google.at — Cisco Umbrella Rank: 26944
408 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1539
10 KB
1 profusesupport.com
profusesupport.com — Cisco Umbrella Rank: 186626
25 KB
1 amazonaws.com
simple-cdn.s3.amazonaws.com — Cisco Umbrella Rank: 175072
367 B
0 cpx.to Failed
p.cpx.to Failed
0 ad.gt Failed
a.ad.gt Failed
0 zprk.io Failed
pixel.zprk.io Failed
0 brainlyads.com Failed
hb.brainlyads.com Failed
0 postrelease.com Failed
postrelease.com Failed
jadserve.postrelease.com Failed
141 42
Domain Requested by
8 ads.adthrive.com www.mediaite.com
ads.adthrive.com
6 aax.amazon-adsystem.com c.aps.amazon-adsystem.com
5 assets.bounceexchange.com tag.bounceexchange.com
assets.bounceexchange.com
5 ssl.gstatic.com www.mediaite.com
5 am12.mediaite.com www.mediaite.com
5 www.googletagmanager.com www.mediaite.com
www.googletagmanager.com
powerad.ai
5 am14.mediaite.com www.mediaite.com
4 platform.twitter.com www.mediaite.com
platform.twitter.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 cdn.taboola.com www.mediaite.com
cdn.taboola.com
4 sb.scorecardresearch.com 1 redirects www.mediaite.com
4 connect.facebook.net www.mediaite.com
connect.facebook.net
4 apis.google.com www.mediaite.com
apis.google.com
4 am11.mediaite.com www.mediaite.com
3 soggysponge.com profusesupport.com
3 cdn.consentmanager.net ads.adthrive.com
b.delivery.consentmanager.net
www.mediaite.com
3 www.youtube.com am11.mediaite.com
apis.google.com
3 www.facebook.com www.mediaite.com
connect.facebook.net
2 powerad.ai am11.mediaite.com
powerad.ai
2 geo.privacymanager.io launchpad.privacymanager.io
2 cdn.confiant-integrations.net ads.adthrive.com
cdn.confiant-integrations.net
2 c.amazon-adsystem.com c.aps.amazon-adsystem.com
2 mediaite.disqus.com am11.mediaite.com
mediaite.disqus.com
2 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 c.delivery.consentmanager.net www.mediaite.com
2 cdn.onesignal.com www.mediaite.com
cdn.onesignal.com
2 img.youtube.com www.mediaite.com
2 am13.mediaite.com www.mediaite.com
2 www.mediaite.com
1 ads.pubmatic.com www.mediaite.com
1 reporting.powerad.ai powerad.ai
1 events.bouncex.net
1 syndication.twitter.com
1 s.ntv.io am11.mediaite.com
1 tag.bounceexchange.com am11.mediaite.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 config.aps.amazon-adsystem.com c.aps.amazon-adsystem.com
1 launchpad-wrapper.privacymanager.io ads.adthrive.com
1 cdn.jwplayer.com ads.adthrive.com
1 ping.chartbeat.net
1 c.aps.amazon-adsystem.com ads.adthrive.com
1 static.chartbeat.com www.mediaite.com
1 gum.criteo.com cdn.taboola.com
1 analytics.twitter.com www.mediaite.com
1 t.co www.mediaite.com
1 b.delivery.consentmanager.net ads.adthrive.com
1 static.adsafeprotected.com www.mediaite.com
1 accounts.google.com apis.google.com
1 onesignal.com cdn.onesignal.com
1 rules.quantcount.com secure.quantserve.com
1 static.ads-twitter.com www.mediaite.com
1 www.google.at www.mediaite.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 secure.quantserve.com www.mediaite.com
1 profusesupport.com www.mediaite.com
1 simple-cdn.s3.amazonaws.com www.mediaite.com
0 trc.taboola.com Failed cdn.taboola.com
0 p.cpx.to Failed powerad.ai
0 a.ad.gt Failed powerad.ai
0 pixel.zprk.io Failed powerad.ai
0 hb.brainlyads.com Failed powerad.ai
www.mediaite.com
0 jadserve.postrelease.com Failed s.ntv.io
0 postrelease.com Failed s.ntv.io
141 65

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
twitter.com
www.facebook.com
www.instagram.com
www.reddit.com
youtu.be
Subject Issuer Validity Valid
mediaite.com
WE1		 2024-06-14 -
2024-09-12		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.apis.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
onesignal.com
GTS CA 1P5		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-21 -
2024-07-20		 3 months crt.sh
profusesupport.com
E1		 2024-05-21 -
2024-08-19		 3 months crt.sh
*.adthrive.com
Amazon RSA 2048 M03		 2024-04-05 -
2025-05-04		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
quantserve.com
R10		 2024-06-24 -
2024-09-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.at
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
accounts.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
b.delivery.consentmanager.net
R10		 2024-07-12 -
2024-10-10		 3 months crt.sh
1376624012.rsc.cdn77.org
E6		 2024-06-27 -
2024-09-25		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-08 -
2025-05-07		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
soggysponge.com
E1		 2024-06-03 -
2024-09-01		 3 months crt.sh
c.delivery.consentmanager.net
R10		 2024-06-12 -
2024-09-10		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-18 -
2024-09-17		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2024-05-15 -
2025-06-06		 a year crt.sh
c.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-05-30 -
2025-06-29		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2024-04-16 -
2025-04-16		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
confiant-integrations.net
WE1		 2024-07-12 -
2024-10-10		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M03		 2024-06-26 -
2025-07-24		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-08-20		 a year crt.sh
tag.bounceexchange.com
R3		 2024-05-18 -
2024-08-16		 3 months crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
powerad.ai
Amazon RSA 2048 M03		 2024-04-28 -
2025-05-28		 a year crt.sh
syndication.twitter.com
R11		 2024-07-05 -
2024-10-03		 3 months crt.sh
assets.bounceexchange.com
WR3		 2024-05-18 -
2024-08-16		 3 months crt.sh
*.wunderkind.co
R3		 2024-06-03 -
2024-09-01		 3 months crt.sh
*.powerad.ai
Go Daddy Secure Certificate Authority - G2		 2023-08-13 -
2024-09-13		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh

This page contains 13 frames:

Primary Page: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Frame ID: EA5C0A81BB14CC7B97A672F82511C68E
Requests: 128 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Na18_7atOn0?autoplay=0&mute=1&rel=0
Frame ID: 3F749F174A4C27168E12E2B0BA5C6D9C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCGJNv0jLqnkp9VbEXTbRd5w&layout=default&count=default&origin=https%3A%2F%2Fwww.mediaite.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Frame ID: D68DE958CA796621DE673EAD24BD6CFB
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mediaite.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Frame ID: 5744FAE4D2EE3EE962FBDDAD4F00FFEC
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCGJNv0jLqnkp9VbEXTbRd5w&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Frame ID: FEE466B6E64C7A0CD74A45780ADDD634
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: A312B38B964649B61E6FCC55D0CE14A7
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/406e32c/html/i.html
Frame ID: 8837601F24966EC6635516D37169F8E8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.mediaite.com
Frame ID: 3D510E3D0EE60A175A3611094B8AD6DD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f7e086120075fa7%26domain%3Dwww.mediaite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediaite.com%252Ff48a1cfb685f32abf%26relation%3Dparent.parent&container_width=67&href=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&layout=button&locale=en_US&sdk=joey
Frame ID: 099AD05708C3A90B738F4D4C25A6AC84
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: C3CE25E6D5D9B165FF21EFE210D3989F
Requests: 1 HTTP requests in this frame

Frame: https://postrelease.com/iframes/topics.html
Frame ID: 8AF67040B14EDB1FBAE1CE73732B2531
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: B094BB7D064CDCEE68BD65059A232E52
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: 826C76C467F8B1490EA83B1B8A707702
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Human Events and Post Millennial Websites Hacked

Page URL History Show full URLs

  1. http://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-privat... HTTP 307
    https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-privat... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

141
Requests

91 %
HTTPS

35 %
IPv6

42
Domains

65
Subdomains

58
IPs

7
Countries

3783 kB
Transfer

12151 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/ HTTP 307
    https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90
  • https://sb.scorecardresearch.com/cs/6035453/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/6035453/beacon-ios.js

141 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Redirect Chain
  • http://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
  • https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
94 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0dad2005f9d23bc02116b687ab3235ce3b397e3860eaad5ca3999a22756c20
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

cf-cache-status
DYNAMIC
cf-ray
8a26bcb3acc2a5f6-FRA
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 13 Jul 2024 05:05:17 GMT
link
<https://www.mediaite.com/wp-json/>; rel="https://api.w.org/", <https://www.mediaite.com/wp-json/wp/v2/posts/5541044>; rel="alternate"; type="application/json", <http://mediaite.com/a/eispz>; rel=shortlink
server
cloudflare
vary
Accept-Encoding Accept-Encoding,Cookie

Redirect headers

Location
https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Non-Authoritative-Reason
HttpsUpgrades
related-posts.css
am14.mediaite.com/med/cnt/plugins/seotech-tagipedia/css/ 		42 B
184 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://am14.mediaite.com/med/cnt/plugins/seotech-tagipedia/css/related-posts.css?ver=6.5.5
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc7bb80e6d7bfffbc85ae2314c11c8ef6e92e2d9ba67f144ffb3bec24c5ab859

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 07 Feb 2020 07:27:51 GMT
server
cloudflare
age
244065
etag
W/"5e3d1177-2a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
8a26bcb6a833a5f6-FRA
expires
Wed, 17 Jul 2024 09:17:32 GMT
min.js
am11.mediaite.com/med/cnt/themes/m2019/js/min/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b2d5629179d12b272d8e9b8369ba940e3bf8b81f1d222e80d74f4aaa6e1f5e

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 31 Jan 2024 15:00:12 GMT
server
cloudflare
age
375068
etag
W/"65ba607c-5ede"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
8a26bcb6a837a5f6-FRA
expires
Mon, 15 Jul 2024 20:54:08 GMT
flying-focus.js
am14.mediaite.com/med/cnt/themes/m2019/js/min/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://am14.mediaite.com/med/cnt/themes/m2019/js/min/flying-focus.js?2106161638
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceedb3a311e1610e2e62c405b618d40560bd0f068cdf86cfb5bab4cf68e385ac

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 16 Jun 2021 16:38:46 GMT
server
cloudflare
age
358723
etag
W/"60ca2916-ecb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
8a26bcb6e871a5f6-FRA
expires
Tue, 16 Jul 2024 01:26:34 GMT
js
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-9069088-1
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b54be48da33c00a2cfc226e0ab102a5e851cf2ccc5b1f2f9954296972f6482b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72684
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jul 2024 05:05:17 GMT
js
www.googletagmanager.com/gtag/ 		309 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ECWL4EPTZN
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8bcf4c4415959ae01774a5c743ddcde1e9776df4b219b969be9c59ed311168c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104750
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jul 2024 05:05:17 GMT
am-franklin-700.woff2
am11.mediaite.com/med/cnt/themes/m2019/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://am11.mediaite.com/med/cnt/themes/m2019/fonts/am-franklin-700.woff2?2106041514
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1906 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69b1faac5f52c20c991dcf5e73fa241d9fb3f8f7cbe3c4d94750ae1b05d7b0fe

Request headers

Referer
https://www.mediaite.com/
Origin
https://www.mediaite.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:17 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Jun 2021 15:14:37 GMT
server
cloudflare
age
1209
etag
"60ba435d-3808"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a26bcb6cef29b22-FRA
content-length
14344
expires
Sat, 20 Jul 2024 04:45:08 GMT
am-franklin-700i.woff2
am14.mediaite.com/med/cnt/themes/m2019/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://am14.mediaite.com/med/cnt/themes/m2019/fonts/am-franklin-700i.woff2?2106041514
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4369e005746c8a2a0aab78e11d85497a54a3d969bc283d5b492409faeda922b7

Request headers

Referer
https://www.mediaite.com/
Origin
https://www.mediaite.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:17 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Jun 2021 15:14:37 GMT
server
cloudflare
age
374120
etag
"60ba435d-3c98"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a26bcb6ca4b65a6-FRA
content-length
15512
expires
Mon, 15 Jul 2024 21:09:57 GMT
am-franklin-800.woff2
am12.mediaite.com/med/cnt/themes/m2019/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://am12.mediaite.com/med/cnt/themes/m2019/fonts/am-franklin-800.woff2?2106041514
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da206ff8e60d35e2ca003978c7f27a2a46a02e4c63abd632b3a2ebfe1bd8835

Request headers

Referer
https://www.mediaite.com/
Origin
https://www.mediaite.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:18 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Jun 2021 15:14:37 GMT
server
cloudflare
age
350940
etag
"60ba435d-3408"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a26bcb7aad665a6-FRA
content-length
13320
expires
Tue, 16 Jul 2024 03:36:18 GMT
am-franklin-800i.woff2
am12.mediaite.com/med/cnt/themes/m2019/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://am12.mediaite.com/med/cnt/themes/m2019/fonts/am-franklin-800i.woff2?2106041514
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bf979eb49360af2f3aeed5cd5ebd25e8702f55cb5205ab14d6ef229b78855f5

Request headers

Referer
https://www.mediaite.com/
Origin
https://www.mediaite.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:18 GMT
cf-cache-status
HIT
last-modified
Fri, 04 Jun 2021 15:14:37 GMT
server
cloudflare
age
372153
etag
"60ba435d-3f78"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a26bcb7aad465a6-FRA
content-length
16248
expires
Mon, 15 Jul 2024 21:42:45 GMT
crit-main.min.css
am13.mediaite.com/med/cnt/themes/m2019/css/min/ 		36 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://am13.mediaite.com/med/cnt/themes/m2019/css/min/crit-main.min.css?2402071915
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06772a40a60519e707b4b2aabf4945607ac8d3eb6de4b57b02b3d905c0838871

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 07 Feb 2024 19:15:56 GMT
server
cloudflare
age
342760
etag
W/"65c3d6ec-91f3"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
8a26bcb6a83aa5f6-FRA
expires
Tue, 16 Jul 2024 05:52:37 GMT
def-main.min.css
am14.mediaite.com/med/cnt/themes/m2019/css/min/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://am14.mediaite.com/med/cnt/themes/m2019/css/min/def-main.min.css?2407061530
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
984f97bcdf1e05c38c49feaa6c42624cea2fcc07934d0ab7a7aa9780c7808b7a

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 06 Jul 2024 15:30:20 GMT
server
cloudflare
age
566727
etag
W/"6689630c-1d55"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cf-ray
8a26bcb6a82fa5f6-FRA
expires
Sat, 13 Jul 2024 15:39:50 GMT
Screen-Shot-2024-07-12-at-7.51.18-PM-288x162.jpg
am11.mediaite.com/med/cnt/uploads/2024/07/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am11.mediaite.com/med/cnt/uploads/2024/07/Screen-Shot-2024-07-12-at-7.51.18-PM-288x162.jpg
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d049f18f24330ee79ed08cd02b4cc829e476037583946de6f3a0ac29b9d698

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:17 GMT
cf-cache-status
HIT
age
677
content-length
14390
pragma
public
cf-bgj
h2pri
last-modified
Sat, 13 Jul 2024 02:51:36 GMT
server
cloudflare
etag
"6691ebb8-3836"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a26bcb6a839a5f6-FRA
expires
Sat, 20 Jul 2024 04:54:00 GMT
Screenshot-2024-07-12-at-8.08.35%E2%80%AFPM-288x162.png
am12.mediaite.com/med/cnt/uploads/2024/07/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am12.mediaite.com/med/cnt/uploads/2024/07/Screenshot-2024-07-12-at-8.08.35%E2%80%AFPM-288x162.png
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b1775a2394a99b40132858c9fa142aa21192a39f729548786727169d3626cce

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:18 GMT
cf-cache-status
MISS
last-modified
Sat, 13 Jul 2024 01:09:42 GMT
server
cloudflare
etag
"6691d3d6-16521"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a26bcb7a941a5f6-FRA
content-length
91425
expires
Sat, 20 Jul 2024 05:05:18 GMT
AP20151752596432-288x162.jpg
am14.mediaite.com/med/cnt/uploads/2024/07/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am14.mediaite.com/med/cnt/uploads/2024/07/AP20151752596432-288x162.jpg
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa4c2747e958a1040485c77ba95ccf98db052d2d524a104e43aa3c2c9651a69

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:17 GMT
cf-cache-status
HIT
age
9740
content-length
15259
pragma
public
cf-bgj
h2pri
last-modified
Fri, 12 Jul 2024 22:50:08 GMT
server
cloudflare
etag
"6691b320-3b9b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a26bcb6d85ea5f6-FRA
expires
Sat, 20 Jul 2024 02:22:57 GMT
Screen-Shot-2024-07-12-at-6.03.00-PM-288x162.jpg
am13.mediaite.com/med/cnt/uploads/2024/07/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am13.mediaite.com/med/cnt/uploads/2024/07/Screen-Shot-2024-07-12-at-6.03.00-PM-288x162.jpg
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce2e01a2ab793a3e2222177cb5e335c6141872de115c26280f626af33a02a302

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:17 GMT
cf-cache-status
HIT
age
9111
content-length
13969
pragma
public
cf-bgj
h2pri
last-modified
Sat, 13 Jul 2024 01:03:19 GMT
server
cloudflare
etag
"6691d257-3691"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a26bcb6e870a5f6-FRA
expires
Sat, 20 Jul 2024 02:33:26 GMT
AP24134755712134-288x162.jpg
am12.mediaite.com/med/cnt/uploads/2024/05/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am12.mediaite.com/med/cnt/uploads/2024/05/AP24134755712134-288x162.jpg
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
588fc589aeacdcae4c2673ea8773db44437384a0f91194e56348fa85a32e4096

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
cf-cache-status
HIT
age
9741
content-length
13484
pragma
public
cf-bgj
h2pri
last-modified
Tue, 14 May 2024 14:32:00 GMT
server
cloudflare
etag
"664375e0-34ac"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a26bcb7a942a5f6-FRA
expires
Sat, 20 Jul 2024 02:22:57 GMT
AP23215009791761-2048x1366.jpg
am11.mediaite.com/med/cnt/uploads/2024/05/ 		273 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am11.mediaite.com/med/cnt/uploads/2024/05/AP23215009791761-2048x1366.jpg
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ac3d5ae5912a1f07c1651fdafc2fb432fe5092adcf6822ba96c28ab31d9f7a

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:18 GMT
cf-cache-status
MISS
last-modified
Fri, 03 May 2024 04:20:20 GMT
server
cloudflare
etag
"66346604-4455d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a26bcb6a835a5f6-FRA
content-length
279901
expires
Sat, 20 Jul 2024 05:05:18 GMT
hacked-2048x960.jpg
am12.mediaite.com/med/cnt/uploads/2024/05/ 		276 KB
276 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am12.mediaite.com/med/cnt/uploads/2024/05/hacked-2048x960.jpg
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a57e62bad9d78ce3693df8d415bbe710a06eb71e6da389f7f2267996d8d3912

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Sat, 13 Jul 2024 05:05:18 GMT
cf-cache-status
MISS
last-modified
Fri, 03 May 2024 04:08:30 GMT
server
cloudflare
etag
"6634633e-44fe9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a26bcb7a943a5f6-FRA
content-length
282601
expires
Sat, 20 Jul 2024 05:05:18 GMT
reach.js
simple-cdn.s3.amazonaws.com/js/ 		0
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simple-cdn.s3.amazonaws.com/js/reach.js
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.218.221.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date
Sat, 13 Jul 2024 05:05:19 GMT
Last-Modified
Tue, 26 Jan 2021 12:54:35 GMT
Server
AmazonS3
x-amz-request-id
JWXP32BEVGDDC73Z
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
0tzKjMT5GwnrecyLm4NgSnTFbg+vHwLB6Ww0V/ofWcELL6L1pqV+admG2KoyXLCx5ySxSA74Ha4=
maxresdefault.jpg
img.youtube.com/vi/HIiGIOKc9xk/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/HIiGIOKc9xk/maxresdefault.jpg
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2994853cfb2abaa39b5899f36cb9e131752effb9dd0f11148dd92458cd466f8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:04:33 GMT
x-content-type-options
nosniff
age
44
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35981
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 13 Jul 2024 05:09:33 GMT
maxresdefault.jpg
img.youtube.com/vi/GdYHw3oa3nI/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.youtube.com/vi/GdYHw3oa3nI/maxresdefault.jpg
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1814f5969af017d60a7e1632da81d94b36fd1694a32e40c77337f764b1c0bb22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 04:41:39 GMT
x-content-type-options
nosniff
age
1418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108901
x-xss-protection
0
server
sffe
etag
"1720198723"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 13 Jul 2024 06:41:39 GMT
platform.js
apis.google.com/js/ 		55 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48b4186595c64c33e8190a639202e759c1730e3fbbfe038cfe474910057a1d16
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Jul 2024 05:05:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21605
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"ecec368df63b2e6b"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jul 2024 05:05:18 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
315
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a26bcb718641941-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jul 2024 05:05:17 GMT
fbevents.js
connect.facebook.net/en_US/ 		223 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 13 Jul 2024 05:05:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58653
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=12, mss=1297, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
0+nFBu2rm56aNqMOZcPyKr5Z4/lrBljg0LLGnq4jvzLemyVB+Cq5D2GPnewkutu0aLH45IONi2pEUe0hJZPJQw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
fiwBvTgc29EVE0skMlb3zpzZVVI_r2N9EWtugrJ9eiLo6qiTFlPiUPSIybVGBG50sDwdqewBnnKFw
profusesupport.com/v2/0/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://profusesupport.com/v2/0/fiwBvTgc29EVE0skMlb3zpzZVVI_r2N9EWtugrJ9eiLo6qiTFlPiUPSIybVGBG50sDwdqewBnnKFw
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccfc73ec1460a186d7495c6576b4ea027d7c9c34821a35c692cc43804254d424
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
MISS
x-buildnumber
1353145067
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-europe-west1
etag
W/"512ab2f0b40fdd752fdf96e55b54ed866ee9e1e533273a5f412497755b6be24c"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-test-mvfd
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
cf-ray
8a26bcb80f73367f-FRA
ads.min.js
ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ 		97 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=42
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-98.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
b21e674f7cdd5c6fcd92411e6a4fb9bc8fd0c43dd50d36e02c8d1b1b208d226a

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

adthrive-bucket
flex-10
date
Sat, 13 Jul 2024 05:05:18 GMT
content-encoding
br
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
adthrive-deployment
2024-07-12-01:acd-467:pr5000:406e32c:4
x-amz-cf-pop
FRA2-C1
adthrive-commit
406e32c
x-cache
Miss from cloudfront
adthrive-gdpr
true
pragma
no-cache
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, must-revalidate, s-maxage=28800
x-amz-cf-id
MsBLcOgzz7ryT5x4vxtcVQmAAi96pzBK6LL-DsX0NPM1hwRbIIYlOw==
expires
0
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 04:02:05 GMT
content-encoding
gzip
via
1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
last-modified
Fri, 03 May 2024 13:20:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
3794
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
5FPKH9ShAgCxnw_Wwvk9cw4LecbUIJsJ3P4wazgXumXj08bhOpDX3w==
loader.js
cdn.taboola.com/libtrc/abramsmedia-mediaitenetwork/ 		768 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/abramsmedia-mediaitenetwork/loader.js
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49f534300fc36cabcd217998dac71b63b0d8f2443fb7131a2c7b96f2ae84e38d

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
BpuYrtxR_M0LYyD8rJrjExrj9tsV65op
content-encoding
gzip
via
1.1 varnish
date
Sat, 13 Jul 2024 05:05:18 GMT
x-amz-request-id
366WVY8YPNBB7841
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
59437
x-amz-id-2
yFQvBJvhgMkUo9U5UH3PY+qhx6FOFdKoD859Uvgb4mJYBLxrjvAzwA2XUII0SArQBH09tn4hrUE=
x-served-by
cache-mad22082-MAD
last-modified
Thu, 11 Jul 2024 14:35:36 GMT
server
AmazonS3
x-timer
S1720847118.115707,VS0,VE177
etag
"9f01ee3377a3f0430d85729c4ef871f1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
60
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
quant.js
secure.quantserve.com/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
content-encoding
gzip
etag
"tIg8n6xaLBY4WwNLLw9OGA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 20 Jul 2024 05:05:18 GMT
truncated
/ 		525 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b22e31dd0658b72a1248a1b9e40cdf109da76be3bf6b830fc6a98453f2ec278

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
972821673164991
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/972821673164991?v=2.9.161&r=stable&domain=www.mediaite.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e110a9e8d7d41d3dae0344c2c40ea75aa03909698e1d98d70f1f7bc5a1282bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 13 Jul 2024 05:05:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12352
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=64, mss=1297, tbw=64142, tp=-1, tpl=-1, uplat=3, ullat=-1
pragma
public
x-fb-debug
S2AeFz07ZD27OiXtxaf2oB4ldK0a6m8os843od/T31uZUX1b/6U68bslzHZWj9B9HBosEabiDMkokBTo0K54Rw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=972821673164991&ev=PageView&dl=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&rl=&if=false&ts=1720847117994&sw=1600&sh=1200&v=2.9.161&r=stable&a=wordpress-6.5.5-3.0.7&ec=0&o=4126&fbp=fb.1.1720847117994.647721540397968138&ler=empty&cdl=API_unavailable&it=1720847117970&coo=false&rqm=GET
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 13 Jul 2024 05:05:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=972821673164991&ev=PageView&dl=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&rl=&if=false&ts=1720847117994&sw=1600&sh=1200&v=2.9.161&r=stable&a=wordpress-6.5.5-3.0.7&ec=0&o=4126&fbp=fb.1.1720847117994.647721540397968138&ler=empty&cdl=API_unavailable&it=1720847117970&coo=false&rqm=FGET
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sat, 13 Jul 2024 05:05:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1297, tbw=3100, tp=-1, tpl=-1, uplat=33, ullat=0
pragma
no-cache
x-fb-debug
kg6E6JKxx6pCtOMnxy6lAwC2MtT02NwPDqKEmV/2zLlAzXZzgzK0AQ+Of0+PuVa1Ynaa14Pb4eP9A21aq0KqGg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-9069088-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECWL4EPTZN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e94c6d311de30a8d29ba76bbcd0989daf7b846b77aba9843aa5975252ba59ab0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72747
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jul 2024 05:05:18 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ECWL4EPTZN&gtm=45je4790v896814065za200&_p=1720847117893&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1515414796.1720847118&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720847118&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&dt=Human%20Events%20and%20Post%20Millennial%20Websites%20Hacked&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=691&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECWL4EPTZN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 05:05:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mediaite.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ECWL4EPTZN&cid=1515414796.1720847118&gtm=45je4790v896814065za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECWL4EPTZN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 05:05:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mediaite.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.at/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.at/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ECWL4EPTZN&cid=1515414796.1720847118&gtm=45je4790v896814065za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1&npa=1&frm=0&z=1477943540
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 05:05:18 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9069088-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Jul 2024 03:41:01 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5057
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 13 Jul 2024 05:41:01 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
content-encoding
gzip
last-modified
Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220087-FRA
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
109
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a26bcb7d9191941-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jul 2024 05:05:18 GMT
Na18_7atOn0
www.youtube.com/embed/ Frame 3F74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/Na18_7atOn0?autoplay=0&mute=1&rel=0
Requested by
Host: am11.mediaite.com
URL: https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jul 2024 05:05:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd5bf2711b952af69162c95a19e30326c252011ffafeae2bd295cfe732a9b70c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 09 Jul 2024 10:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49325
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 15:21:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Jul 2025 10:14:55 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/ 		124 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3d00e5d946b1dc139a67331992e089c0b773bb38fcd222755eef1873f994a12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 08 Jul 2024 17:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
386024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43217
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 15:21:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Jul 2025 17:51:34 GMT
subscribe_embed
www.youtube.com/ Frame D68D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCGJNv0jLqnkp9VbEXTbRd5w&layout=default&count=default&origin=https%3A%2F%2Fwww.mediaite.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 13 Jul 2024 05:05:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9304643&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1720847118066&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&c8=Human%20Events%20and%20Post%20Millennial%20Websites%20Hacked&c9=
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-38.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
via
1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-amz-cf-id
tMZ0FOnkWVNQmb55ktL71wzvUWoIP3KdhKJrKl5w9M72G34WTE7oeQ==
x-cache
Miss from cloudfront
rules-p-41YeEX_ui4Qms.js
rules.quantcount.com/ 		160 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-41YeEX_ui4Qms.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f581d6679a6f83ee35007a20ded1bba92e4675c2e6911555e014612a3b9e29b6

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 04:48:38 GMT
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1003
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:56:05 GMT
server
AmazonS3
etag
"962ca8f7e53b2c29067795cc5ed95cfb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
fvAqoIE4ToZYU-33s7Zqtjy6QuQUOlMIBIt57pGVT0KibXN5_Tl1MQ==
web
onesignal.com/api/v1/sync/135a8c0a-92bf-468c-8032-395b9c19fe97/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/135a8c0a-92bf-468c-8032-395b9c19fe97/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec4481680a19b1503fc731c7fed012a1305b36983ccea195804cc10d5e82bd93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1298
cf-polished
origSize=3407
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
53d66fee-acb5-45ea-bb98-ad8853413ab2
x-runtime
0.030247
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"084ccbb3e81a4d92fd1df6ed3c33766a"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8a26bcb859791941-FRA
access-control-allow-headers
SDK-Version
expires
Sat, 13 Jul 2024 06:05:18 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame 5744 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.mediaite.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-VrkxnPUOapncViDolvsmWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'nonce-VrkxnPUOapncViDolvsmWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Sat, 13 Jul 2024 05:05:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adspot_id=tdaadh_728x90_
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:fc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 12 Jul 2024 20:35:46 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
30572
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
kzH7hOsUAeLf3eSGNY7mVocdcYLy4v8Jggj648qsUxNKCT86Ybf9gg==
cmp.php
b.delivery.consentmanager.net/delivery/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.delivery.consentmanager.net/delivery/cmp.php?&cdid=cf7510ba3149d&h=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&&__cmpfcc=1&l=en&ls=EN_EN_DE&lp=EN&o=1720847118141
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=42
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.78 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ds87-230-98-78.dedicated.psmanaged.com
Software
/
Resource Hash
87d08e171dce6f01a67179cfa9204a12e014afc41bd78ef8c75cbf5eb3fb061e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 05:05:18 GMT
content-encoding
gzip
last-modified
Sat, 13 Jul 2024 05:05:18 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
edge-control
no-store, no-cache, must-revalidate
cache-control
no-store, no-cache, must-revalidate
x-xss-protection
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
cmp_final.min.js
cdn.consentmanager.net/delivery/js/ 		422 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.consentmanager.net/delivery/js/cmp_final.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=42
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6c8e40d0b7910c8066300a7576b89ef59631fb077df2faf5890d36a10e1b8804

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Jul 2024 05:05:18 GMT
content-encoding
gzip
x-accel-date-max
1720044029
x-77-cache
HIT
x-cache
HIT
edge-control
max-age=86400
x-age
25479
x-accel-date
1720821639
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwB1GY4tAH3h2MAAAgBJRPCNAFh
x-accel-expires
@1720908039
x-77-age
25479
last-modified
Wed, 03 Jul 2024 21:59:15 GMT
server
CDN77-Turbo
etag
W/"69737-61c5ef0ef92c0"
x-77-nzt-ray
6d204d11e92841370e0b92660c1dcd0b
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Thu, 04 Jul 2024 22:00:29 GMT
marmalade
ads.adthrive.com/api/v1/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=5ac64c79fdf4d60603abe6a5&url=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&deliveryFeatures=amazonBetaApstag,consentManagerCMP,manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-98.fra2.r.cloudfront.net
Software
/
Resource Hash
30bff6587a9dc3ecc8a27d538ff84be70cc8169c60ae121c63d74e9d6fdeff2c

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
content-encoding
br
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amzn-trace-id
Root=1-66920b0e-3c11516f437b7d5f197c0c29;Parent=1fd54eb7ced0dfad;Sampled=0;lineage=e948d84a:0
x-amzn-requestid
31462fe6-2396-4876-8c1c-eb3a9cb8192a
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=3600
x-amz-apigw-id
a1aqTGS6oAMEuYQ=
x-amz-cf-id
1FE0yXCKsUTQj4a2a76g6ucsX7s_hSs9W5II_L6imEg43n9lO8ayQQ==
5ac64c79fdf4d60603abe6a5
ads.adthrive.com/api/v2/raptiveFloors/ 		42 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v2/raptiveFloors/5ac64c79fdf4d60603abe6a5
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-98.fra2.r.cloudfront.net
Software
/
Resource Hash
486c8330aa4047501f52f6dc355d68eaf354bd737d9e69896aedbc950175ccef

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 12 Jul 2024 19:19:23 GMT
content-encoding
br
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
35154
x-amzn-trace-id
Root=1-669181bb-4d8bbc1d034151773aa55ecf;Parent=01a1cb03621ae929;Sampled=0;lineage=e7e36c41:0
x-amzn-requestid
9f50789f-f31d-4bcb-b508-bcf65231acb5
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
a0E1YH5VIAMEdEQ=
x-amz-cf-id
WT4BR0PUMTenFhgqets9X_YGgzT8gdqc2F48Ti4Lyrp01jTurAPwKA==
adthrive.min.js
ads.adthrive.com/builds/core/406e32c/es2018/js/ 		1 MB
342 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/406e32c/es2018/js/adthrive.min.js?deployment=2024-07-12-01:acd-467:pr5000:406e32c:4&bucket=flex-10&deliveryFeatures=amazonBetaApstag,consentManagerCMP,manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-98.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
ffa15d5d3b25c5eeced4c196bf91875a37c70e53701238fc965391e93162f2f6

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 00:04:17 GMT
content-encoding
gzip
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
age
18061
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
content-length
350014
x-amz-cf-id
bS15W5bHHFaycvXa5kgYhtk5eXLcjN4c_9604vmi4ftRGR1m7j7xww==
5ac64c79fdf4d60603abe6a5.js
ads.adthrive.com/builds/customizations/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/customizations/5ac64c79fdf4d60603abe6a5.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.js?referrer=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&cb=42
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-98.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ca7cabb295b87897a31f8d84fdebc9057146e66d1aa1ef20981cb05c95e21a0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
BcTLvCsh9NHGJiT4KY0aXsxXR9np0p_W
content-encoding
br
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
date
Sat, 13 Jul 2024 04:45:57 GMT
last-modified
Thu, 11 Jul 2024 17:33:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1171
x-amz-server-side-encryption
AES256
etag
W/"b10f0ff4912c5a82f26020a86408ccdd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
6vgY9uLx2a-KZ-SHV9e3GveSA7ZQSkmIM-clY5YOiNv5IRl_urslKw==
adsct
t.co/i/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=a5812c37-8827-4521-bd6a-0f831f4fc75b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a4a28c87-ac72-4175-b5e9-bc3eba1926e1&tw_document_href=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4cef&type=javascript&version=2.3.30
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time
182
date
Sat, 13 Jul 2024 05:05:18 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
0d3dde5d522d5275
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
a158bc6c8d02cec93ec56df42a932a58fae173dea90a691625b5793d91c92bbc
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=a5812c37-8827-4521-bd6a-0f831f4fc75b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a4a28c87-ac72-4175-b5e9-bc3eba1926e1&tw_document_href=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4cef&type=javascript&version=2.3.30
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time
184
date
Sat, 13 Jul 2024 05:05:18 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
394ded6b4a8a2929
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
11e8e4e7b5795f5a80316866417e8d22671277e3515634d0998acdf6791db8f9
content-length
43
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1759221274&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&ul=de-de&de=UTF-8&dt=Human%20Events%20and%20Post%20Millennial%20Websites%20Hacked&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=811623159&gjid=122848960&cid=1515414796.1720847118&tid=UA-9069088-1&_gid=794253796.1720847118&_r=1&gtm=457e4790za200zb896814065&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=848817148
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 05:05:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mediaite.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bV8xLndfOTg5Nzgucl9HRFBSLmxfZW4uZF8zNDc0Mi54XzgxLnYucC50XzM0NzQyLnh0XzEy.js
cdn.consentmanager.net/delivery/customdata/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.consentmanager.net/delivery/customdata/bV8xLndfOTg5Nzgucl9HRFBSLmxfZW4uZF8zNDc0Mi54XzgxLnYucC50XzM0NzQyLnh0XzEy.js
Requested by
Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?&cdid=cf7510ba3149d&h=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&&__cmpfcc=1&l=en&ls=EN_EN_DE&lp=EN&o=1720847118141
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
edc38a78185af07f77d55e25981b34d0988bab772ada07729d521f4480d5e1b5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Jul 2024 05:05:18 GMT
content-encoding
gzip
x-accel-date-max
1720845724
x-77-cache
HIT
x-cache
HIT
edge-control
public, max-age=1800
x-age
1394
x-accel-date
1720845724
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
x-77-nzt
EgwB1GY4tAH3cgUAAAwBJRPCNAH3BgAAAA
x-accel-expires
@1720847518
x-77-age
1394
last-modified
Sat, 13 Jul 2024 04:41:58 GMT
server
CDN77-Turbo
x-77-nzt-ray
6d204d11e92841370e0b92669f5f680c
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
expires
Sat, 13 Jul 2024 05:11:58 GMT
6a5feb1f45ac8dc145b5230dfc9e942fd8e451c49ec53f2998200ef86e2b460a8b
soggysponge.com/submit/ 		303 B
721 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://soggysponge.com/submit/6a5feb1f45ac8dc145b5230dfc9e942fd8e451c49ec53f2998200ef86e2b460a8b
Requested by
Host: profusesupport.com
URL: https://profusesupport.com/v2/0/fiwBvTgc29EVE0skMlb3zpzZVVI_r2N9EWtugrJ9eiLo6qiTFlPiUPSIybVGBG50sDwdqewBnnKFw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b1ed9a8b9269739148c249f9f6f262c64585cf80ff7d9ecf3579c8cd8fce77
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
x-buildnumber
1353145067
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mediaite.com
x-hostname
fen-hoothoot-europe-west1-test-mvfd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8a26bcbb6f731ac7-FRA
expires
Sat, 13 Jul 2024 05:05:17 GMT
/
c.delivery.consentmanager.net/delivery/info/ 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.delivery.consentmanager.net/delivery/info/?id=98978&did=1&cfdid=1&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&o=1720847118456&l=EN&lv=103409&d=1&ct=14&e=&e2=&e3=&i=&sv=12&dv=81&
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5050018.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 05:05:18 GMT
last-modified
Sat, 13 Jul 2024 05:05:18 GMT
content-type
image/gif
access-control-allow-origin
*
edge-control
no-store, no-cache, must-revalidate
cache-control
no-store, no-cache, must-revalidate
content-length
43
x-xss-protection
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
c.delivery.consentmanager.net/delivery/info/ 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.delivery.consentmanager.net/delivery/info/?id=98978&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&o=1720847118456&l=EN&lv=103409&d=1&ct=14&e=&e2=&e3=&i=&sv=12&dv=81&
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.230.98.76 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS
ma5050018.psmanaged.com
Software
/
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 05:05:18 GMT
last-modified
Sat, 13 Jul 2024 05:05:18 GMT
content-type
image/gif
access-control-allow-origin
*
edge-control
no-store, no-cache, must-revalidate
cache-control
no-store, no-cache, must-revalidate
content-length
43
x-xss-protection
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
en.gif
cdn.consentmanager.net/delivery/flags/ 		384 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.consentmanager.net/delivery/flags/en.gif
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
date
Sat, 13 Jul 2024 05:05:18 GMT
x-accel-date-max
1708090829
x-77-cache
HIT
x-cache
HIT
edge-control
max-age=2592000
x-age
12756289
x-accel-date
1708090829
alt-svc
h3=":443"; ma=86400
content-length
384
x-77-nzt
EgwB1GY4tAH3QaXCAAwB1GY4EQH3IgAAAA
x-accel-expires
@1739626795
x-77-age
12756289
last-modified
Mon, 14 Jun 2021 21:37:37 GMT
server
CDN77-Turbo
etag
"180-5c4c0aa828a40"
x-77-nzt-ray
6d204d11e92841370e0b926654fe6f1c
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Feb 2025 13:39:55 GMT
load.js
pm-widget.taboola.com/abramsmedia-mediaitenetwork/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/abramsmedia-mediaitenetwork/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/abramsmedia-mediaitenetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91d23e883844155a6d1b95820f81df1351008858b022cd3c144b8308f0e7b2ce

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
4yEeZccdZ65nSkwItF8mHuM7JL75HTl0
content-encoding
gzip
via
1.1 varnish
date
Sat, 13 Jul 2024 05:05:18 GMT
x-amz-request-id
JHMC3WP9XAFYWFHH
age
0
x-cache
HIT
content-length
1119
x-amz-id-2
lTWIBAvc6cLpGb5UrcxHnLPbo6uWe0a+MJTGPWK2DnCQrE/FmHl/eKeJyuhBCNO/uByjYWvPdqQ=
x-served-by
cache-mad22082-MAD
last-modified
Fri, 15 Mar 2024 11:43:58 GMT
server
AmazonS3
x-timer
S1720847119.527823,VS0,VE309
etag
"a185b45137b16773b5c5c7bac51f1cfa"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
0
impl.20240711-17-RELEASE.js
cdn.taboola.com/libtrc/ 		909 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240711-17-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/abramsmedia-mediaitenetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
bf97073f136c1cf28013a7cdb83c5152a3672b4082d24f5c2a2fcd8af954ef15

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
WYh0FYWDKhMNnbuHV0t4rEuvxX.X407D
content-encoding
br
via
1.1 varnish
date
Sat, 13 Jul 2024 05:05:18 GMT
x-amz-request-id
DAVYEGT5Q456DDPK
age
2193
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
188219
x-amz-id-2
0iHGIl1Du0CE4mIOs8GHpb5ju+pLDvnTK+twxSztr+1xmn5OP04xWBh3onKh5Gp45lElV9NAE4Y=
x-served-by
cache-mad22082-MAD
last-modified
Thu, 11 Jul 2024 12:23:14 GMT
server
AmazonS3-br
x-timer
S1720847119.527841,VS0,VE0
etag
"63646b4af7062a3efa767a30ddc2f420"
vary
Accept-Encoding
content-type
application/javascript
abp
12
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2110
cb=gapi.loaded_2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_2?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
sffe /
Resource Hash
15ac93425f657629cd95ae465f8cd231e7cd7edad78d508dba5fa734e8f63ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 09 Jul 2024 14:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
310809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9105
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 15:21:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Jul 2025 14:45:09 GMT
subscribe_embed
www.youtube.com/ Frame FEE4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCGJNv0jLqnkp9VbEXTbRd5w&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_0?le=scs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 13 Jul 2024 05:05:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 09 Jul 2024 10:12:37 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
327161
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 09 Jul 2025 10:12:37 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 09 Jul 2024 15:27:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
age
308247
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 09 Jul 2025 15:27:51 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		318 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 09 Jul 2024 22:37:42 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
282456
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 09 Jul 2025 22:37:42 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		116 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 09 Jul 2024 09:46:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
age
328735
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 09 Jul 2025 09:46:23 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 		117 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 09 Jul 2024 09:37:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
age
329250
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 09 Jul 2025 09:37:48 GMT
google-topics-api.20240711-17-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/google-topics-api.20240711-17-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/abramsmedia-mediaitenetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd9b4cbf21fae5bdbfa55193c97e3485b8f2640cbe7655ba97a34a517aab4486

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
G7G_DdmtrdbmRJlrQ.eTOoAoLORapQvu
content-encoding
gzip
via
1.1 varnish
date
Sat, 13 Jul 2024 05:05:18 GMT
x-amz-request-id
6FPPQT2TNJ8V2B5J
age
146492
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
979
x-amz-id-2
l8vFDUzkVh5HLWoIyy+cXO9E/Ty38ol54nGYaHtAOcH1MN3X8QhftebZFRKA0gujVUUfNFHVHOk=
x-served-by
cache-mad22082-MAD
last-modified
Thu, 11 Jul 2024 12:23:41 GMT
server
AmazonS3
x-timer
S1720847119.723351,VS0,VE0
etag
"05b930a6720bd44c0b455a58e108af93"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
5
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
229587
sync
gum.criteo.com/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240711-17-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dbe8e596830dc94145acacd17ebdc3fd9553df87b0cb637d10d338e676a9a831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
339076
expires
60
taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame A312 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240711-17-RELEASE.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.mediaite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

abp
24
accept-ranges
bytes
access-control-allow-origin
*
age
54191
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
340
content-type
text/html
date
Sat, 13 Jul 2024 05:05:18 GMT
etag
"8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified
Tue, 13 Feb 2024 13:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
LWGDGE1PLP+m2VEGO90QMrVBSzlOkAfyHzFmaVHqw3KYVJkVVwglRGVYVOrw9RgCRBxHdC8lgEw=
x-amz-replication-status
COMPLETED
x-amz-request-id
R0ZZ92XNJT9GK5YD
x-amz-server-side-encryption
AES256
x-amz-version-id
4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache
HIT
x-cache-hits
46692
x-served-by
cache-mad2200127-MAD
x-timer
S1720847119.870176,VS0,VE0
346cd897dcf91b02de302459a4889a6e30a4c357febd3d70db20518b2
soggysponge.com/f78052429/ 		259 B
626 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://soggysponge.com/f78052429/346cd897dcf91b02de302459a4889a6e30a4c357febd3d70db20518b2
Requested by
Host: profusesupport.com
URL: https://profusesupport.com/v2/0/fiwBvTgc29EVE0skMlb3zpzZVVI_r2N9EWtugrJ9eiLo6qiTFlPiUPSIybVGBG50sDwdqewBnnKFw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
123afbccccfd68f5b29a8a1385ceb3fe558cecaf777e4fe1b070ff6b8cf4ffad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
x-buildnumber
1353145067
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mediaite.com
x-hostname
fen-hoothoot-europe-west1-test-mvfd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8a26bcbc58681ac7-FRA
expires
Sat, 13 Jul 2024 05:05:17 GMT
FixEngageRecovered
soggysponge.com/dist/7d9e02bddab1d6b9ba2a7757104cc4e720e4a33bc57897196a1edb88/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soggysponge.com/dist/7d9e02bddab1d6b9ba2a7757104cc4e720e4a33bc57897196a1edb88/FixEngageRecovered
Requested by
Host: profusesupport.com
URL: https://profusesupport.com/v2/0/fiwBvTgc29EVE0skMlb3zpzZVVI_r2N9EWtugrJ9eiLo6qiTFlPiUPSIybVGBG50sDwdqewBnnKFw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3fcb1fe09e2e160fc646ac7c02da667d1a5ac8e828ffd9455c7122fdb899821
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.mediaite.com/
Origin
https://www.mediaite.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:18 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
MISS
x-buildnumber
1353145067
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-europe-west1
etag
W/"f3e5502dcf30d11a33013e3992a7071944de5e031a966d16c7f5408c7982011f"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language, Origin
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.mediaite.com
x-hostname
fen-hoothoot-europe-west1-test-mvfd
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8a26bcbc98951ac7-FRA
pmk-20220605.4.js
pm-widget.taboola.com/abramsmedia-mediaitenetwork/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/abramsmedia-mediaitenetwork/pmk-20220605.4.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/abramsmedia-mediaitenetwork/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86130925c7dbecb1a2eae2efa1280beb5f583bc983ffb70a20ccc7ed2d52751b

Request headers

Referer
https://www.mediaite.com/
Origin
https://www.mediaite.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
YGuIIXoqAT6KpOrV5_0g3GDmplm_C3b9
content-encoding
gzip
via
1.1 varnish
date
Sat, 13 Jul 2024 05:05:18 GMT
x-amz-request-id
GDVFQQ6M1Z9VGBAJ
age
1475030
x-cache
HIT
content-length
19865
x-amz-id-2
8kNcieEuqsWNFfr9VWvu+zw2IBXjqBYrU3YwUF/8MbcFUizeNg6GiMIxJWki964UIZad4+ELCjE=
x-served-by
cache-mad22057-MAD
last-modified
Fri, 15 Mar 2024 11:43:56 GMT
server
AmazonS3
x-timer
S1720847119.946219,VS0,VE1
etag
"38c6ff5eb44befb5ee4be702879dcef3"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:6200:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 12 Jul 2024 16:20:17 GMT
content-encoding
gzip
via
1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 00:13:00 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
45902
etag
W/"665fad8c-9895"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
5v7moEj1noxDQfFnY8ggOFv-csEeDtdNv2MNjAMgUGbvtz2kw0IY_A==
expires
Sat, 13 Jul 2024 16:20:17 GMT
favicon.ico
www.mediaite.com/ 		894 B
737 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.mediaite.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3a6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d56c6a7208faa78b0363e0f0468a1d7d537a96f1ff0f6dadfa2ef0dbbf314e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:19 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 06 Jul 2017 20:49:57 GMT
server
cloudflare
etag
W/"595ea275-37e"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8a26bcbdafd1a5f6-FRA
i.html
ads.adthrive.com/builds/core/406e32c/html/ Frame 8837 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/406e32c/html/i.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/406e32c/es2018/js/adthrive.min.js?deployment=2024-07-12-01:acd-467:pr5000:406e32c:4&bucket=flex-10&deliveryFeatures=amazonBetaApstag,consentManagerCMP,manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.mediaite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

age
267
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 13 Jul 2024 05:01:01 GMT
etag
W/"7ff33d1082bd05a8e5c77e94bc0fa576"
last-modified
Fri, 12 Jul 2024 17:39:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
x-amz-cf-id
p8FcyCTOXKJONmcg3Rd5TTkgr3ocVATSFjwa83_DpQln_0b4EwN_DQ==
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
WvB8yn.PlMazDw6Hae8jM93.E6TCrqy9
x-cache
Hit from cloudfront
prebid.min.js
ads.adthrive.com/builds/core/406e32c/gdpr/vendor/prebid/es2018/s2s/ 		606 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/406e32c/gdpr/vendor/prebid/es2018/s2s/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/406e32c/es2018/js/adthrive.min.js?deployment=2024-07-12-01:acd-467:pr5000:406e32c:4&bucket=flex-10&deliveryFeatures=amazonBetaApstag,consentManagerCMP,manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-98.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c132a6033409d8dbd5a21cfdd31ad4fb4f7d6a788633024ee326c261c264cd4

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
hDPkOGpwUPS4kFXfvbLD5jC6X0yXjhYM
content-encoding
br
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
date
Sat, 13 Jul 2024 05:05:19 GMT
last-modified
Fri, 12 Jul 2024 17:39:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
33
x-amz-server-side-encryption
AES256
etag
W/"2054b617a142beab83f1ac0a1fb14702"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
Rho3oiXq1yydLKVgrBBeBJmsfMAS7yohlsjT1bpS6qslc1V4su-9dg==
apstag.js
c.aps.amazon-adsystem.com/ 		326 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aps.amazon-adsystem.com/apstag.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/406e32c/es2018/js/adthrive.min.js?deployment=2024-07-12-01:acd-467:pr5000:406e32c:4&bucket=flex-10&deliveryFeatures=amazonBetaApstag,consentManagerCMP,manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9bd1d4177f0d80cba31cb90cb6f63a3895fd1a1e439fcc62d5249b7c39372f1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:20 GMT
content-encoding
br
via
1.1 28f8e84a396255d768dd04c506bf86f0.cloudfront.net (CloudFront)
x-amz-version-id
uccabqffHxZzsXPXF73BtX6gP1zfaqai
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P10
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 11 Jul 2024 13:14:50 GMT
server
AmazonS3
etag
W/"e67aa2e9438d441b441e1fb7c4688736"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
zhjxPr3-jMcrYwEEbKkeblQ7AISducSQhscsyoIRjrviFF8uXn54-g==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/406e32c/es2018/js/adthrive.min.js?deployment=2024-07-12-01:acd-467:pr5000:406e32c:4&bucket=flex-10&deliveryFeatures=amazonBetaApstag,consentManagerCMP,manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
36b6fcd9e99b58f778ecb3ad1a197f21c662f62846e4e3895de65ce5fb3152f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31991
x-xss-protection
0
server
cafe
etag
719 / 19917 / m202407090101 / config-hash: 1273856019300616712
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 13 Jul 2024 05:05:19 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=mediaite.com&p=%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&u=BJQ__iDpZ9TPDMAZbo&d=mediaite.com&g=3557&g0=Politics&g1=Charlie%20Nash&n=1&f=00001&c=0&x=0&m=0&y=3780&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&b=1634&t=Cylg59D5j2g_RqanEbcsGA2M0en&V=147&i=Human%20Events%20and%20Post%20Millennial%20Websites%20Hacked&tz=-120&sn=1&sv=CS2pyGDkqwdoCVQB5VBv0_KSCUcLm7&sr=external&sd=1&im=067b0ff0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.63.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-63-64.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 13 Jul 2024 05:05:19 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
count.js
mediaite.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mediaite.disqus.com/count.js
Requested by
Host: am11.mediaite.com
URL: https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date
Sat, 13 Jul 2024 05:05:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
221
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 09 Jul 2024 13:14:54 GMT
Server
nginx
ETag
"668d37ce-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
St974-x2OzQ_6l8cRT4Lp77H4oZ4P4Gzwlv5FT9YA2v5a0jkgDbQHQ==
count-data.js
mediaite.disqus.com/ 		716 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mediaite.disqus.com/count-data.js?1=5541044%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5541044&1=5556786%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5556786&1=5556795%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5556795&1=5556813%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5556813&1=5556818%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5556818&1=5556852%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5556852&1=5556857%20https%3A%2F%2Fwww.mediaite.com%2F%3Fp%3D5556857
Requested by
Host: mediaite.disqus.com
URL: https://mediaite.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27e102564d595d947d804947a8506d66f8692ba4b2ced2570c13388934b1674f
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date
Sat, 13 Jul 2024 05:05:19 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
716
X-XSS-Protection
1; mode=block
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
date
Sat, 13 Jul 2024 03:19:27 GMT
x-amz-cf-pop
FRA2-C1
age
6743
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
PGtHbB5swK9yyjr1G4sHvOWfg9dJMlVL_-sElYu5XG0_W7e7gE8tEQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407090101/ 		467 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e26560ac1cafd1b40a57a9752030456e204533d0a9de82d86988baa5c7392b07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 12 Jul 2024 20:42:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
30171
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149005
x-xss-protection
0
server
cafe
etag
9149364935077818280
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 12 Jul 2025 20:42:28 GMT
40NRYcC2
cdn.jwplayer.com/v2/playlists/ 		110 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/40NRYcC2?max_resolution=320
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/406e32c/es2018/js/adthrive.min.js?deployment=2024-07-12-01:acd-467:pr5000:406e32c:4&bucket=flex-10&deliveryFeatures=amazonBetaApstag,consentManagerCMP,manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
19f0f495d2d8b52e3a03ae53e2e8684431a3297da861db54b14ee89a0b4d21c7

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:04:14 GMT
content-encoding
gzip
via
1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
65
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
11456
x-amz-cf-id
JNwXuiFLjfizpDjFBbnQVixJju0LEzEaiMUkkStuoI3ySUg92vqT9A==
expires
Sat, 13 Jul 2024 05:07:14
beacon-ios.js
sb.scorecardresearch.com/internal-cs/6035453/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6035453/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/6035453/beacon-ios.js
12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/6035453/beacon-ios.js
Protocol
H2
Server
18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbe68196f39972c46eb2edcd065c7b5f35e3fdcdfbdd4f79cf404000f1d29f7d

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 04:56:31 GMT
content-encoding
gzip
via
1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
last-modified
Mon, 15 Apr 2024 09:46:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
529
x-amz-server-side-encryption
AES256
etag
W/"65312d85159eeef144a8a374bc54a1ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
otxZfrtClONsuN9BmJamSu9u0FYUSIIvQvwu44aKKIV7YjHUtJC8Ug==

Redirect headers

date
Sat, 13 Jul 2024 05:05:19 GMT
via
1.1 93f1c701362eb59a676baaac7ea81bd8.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
location
/internal-cs/6035453/beacon-ios.js
content-length
0
x-amz-cf-id
A-yDT6KTzz7JFmluP9_JuS0ruwYipXd_1EIfXibdXmAfirYtcszFfg==
config.js
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/ 		331 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/406e32c/es2018/js/adthrive.min.js?deployment=2024-07-12-01:acd-467:pr5000:406e32c:4&bucket=flex-10&deliveryFeatures=amazonBetaApstag,consentManagerCMP,manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a5d7ab01abbd44d8fb8ec81b87bf8d470f684fbfb1d56ef2c37d2dfbd95a70c

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:19 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
F5A3AA8H5V37EAE1
age
521
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
65357
x-amz-id-2
n/+gZb42XV3OlqIMs3KDVzo5+jxpJUY2oTYlUpfHiXY/4u12xrUj4Eo0JbFkuY8/7K1lfStzDlk=
last-modified
Sat, 13 Jul 2024 03:35:43 GMT
server
cloudflare
etag
"85aec3151d43cd1b9b062661e8c8cc1f"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
cf-ray
8a26bcc3bcd46964-FRA
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/ 		315 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/406e32c/es2018/js/adthrive.min.js?deployment=2024-07-12-01:acd-467:pr5000:406e32c:4&bucket=flex-10&deliveryFeatures=amazonBetaApstag,consentManagerCMP,manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbbec194bb1980e49f3241f20ace32dfb18e16ce32b0b455ec317d49388c2850

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
VKY5ciaio.on5QjFmj7nEPs.Ii9y92Ew
content-encoding
gzip
via
1.1 88fd4dc311317996718ed4ed98e5cbda.cloudfront.net (CloudFront)
date
Sat, 13 Jul 2024 01:18:08 GMT
x-amz-cf-pop
FRA60-P7
age
13632
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Mon, 01 Jul 2024 14:01:33 GMT
server
AmazonS3
etag
W/"0ae472e5f29db7c94f13d3e70aa0c26a"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
xj_SYRkEB17e32j3Q9-LmRAb1yAzOxRiFxD9fQW2WSXgp6Ngs7YAqw==
ads.min.css
ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ 		688 B
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5ac64c79fdf4d60603abe6a5/ads.min.css
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/406e32c/es2018/js/adthrive.min.js?deployment=2024-07-12-01:acd-467:pr5000:406e32c:4&bucket=flex-10&deliveryFeatures=amazonBetaApstag,consentManagerCMP,manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=5ac64c79fdf4d60603abe6a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-98.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
0f89ba1e319462068c896f7469de78055f63c0318e612faf056a82a7c8fd952b

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 12 Jul 2024 19:40:05 GMT
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
age
33914
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
content-length
688
x-amz-cf-id
h5g1cgNiTy9HesB2nFT15rsKfoToiYjTWfCCgsL4U_NaDgLddgPc4A==
4fbba76f-7987-4fa2-9733-c27eb3a2170b
config.aps.amazon-adsystem.com/configs/ 		563 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-65.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
57da007436809f672fd40685d537dff9c1041c6d662e6e98a29442462942a54c

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 04:15:47 GMT
via
1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
age
2972
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
x5b5IZw2piz1uF3jhJTTuHWQiYlSrH9H_7W_hkXMh7iszbUBVo3qLw==
config
c.amazon-adsystem.com/cdn/prod/ 		494 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.mediaite.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-120.fra2.r.cloudfront.net
Software
Server /
Resource Hash
068fcfb02c6a1bb3605aa25f2ca8f71cd9317c4fd909dd2a682defc8189fd35f

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 01:20:48 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
13470
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mediaite.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
494
x-amz-cf-id
92J_oSHCFfdD4LcnRcFLOWzefLXYUDl9Tmfet_V1lj_5A8WGHY3W3A==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=AKoH9ew1DbJw6&cb=0&ws=1600x1200&v=24.626.1741&t=1800&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A14%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBsInAQBsInAAfPSBENA9EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.143.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-143-149.fra60.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:19 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mediaite.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
YgxRTkvhbluSriuiI37Zt08jNDaAALAsW96AXrrfe1WCypNRkG-5Vw==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=AKoH9ew1DbJw6&cb=1&ws=1600x1200&v=24.626.1741&t=1800&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_9_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22320x50%22%2C%22160x600%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%2C%22300x420%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A16%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBsInAQBsInAAfPSBENA9EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.143.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-143-149.fra60.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:19 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mediaite.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
1sNkieVizEcSDmGh_Mswp9EgXSqzcdQq9rFxx6hwbm_5Ov5q1ksOlw==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=AKoH9ew1DbJw6&cb=2&ws=1600x1200&v=24.626.1741&t=1800&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%22250x250%22%2C%221x1%22%2C%22300x300%22%2C%22552x334%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_1%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A19%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBsInAQBsInAAfPSBENA9EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.143.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-143-149.fra60.r.cloudfront.net
Software
Server /
Resource Hash
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:19 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mediaite.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
U9P0fc-uD6FT5nWeXhmEtc5Ny-f4ujGhRj9yODN0_8Pv6DHE6K6pkA==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=AKoH9ew1DbJw6&cb=3&ws=1600x1200&v=24.626.1741&t=1800&slots=%5B%7B%22sd%22%3A%22AdThrive_Content_2_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%22250x250%22%2C%221x1%22%2C%22300x300%22%2C%22552x334%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Content_2%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A9%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBsInAQBsInAAfPSBENA9EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.143.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-143-149.fra60.r.cloudfront.net
Software
Server /
Resource Hash
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:19 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mediaite.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
IXazjA7Ymvd_etq_6ZIbU8zew9Sc7eck6oW6j9wFwTBfea98ZuMOxQ==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202402121010/ 		300 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202402121010/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:20 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
CPJNVX3WBRE4ZCNK
age
8674242
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
109265
x-amz-id-2
e07/SAF/BZ1ID7UPSLRJVa5RvKYvSWp2sOAV2ESBALKyvwi4AqooiTQrsJdMRCRi0dU/l43xhzA=
last-modified
Mon, 12 Feb 2024 15:11:18 GMT
server
cloudflare
etag
"3d93a0af15b12fc9dbbc93edd96a2b7f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a26bcc44d1e6964-FRA
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		155 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f3b1f8338765052b8997f05c84f174819a9ddf6be230a213a28e08e18814b15

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
_TI.1jbqvSJo.LKwY0QUykU_4fkAFecP
content-encoding
br
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
date
Sat, 13 Jul 2024 04:07:02 GMT
last-modified
Mon, 01 Jul 2024 11:09:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
3499
x-amz-server-side-encryption
AES256
etag
W/"252663f5c16b21323bb27421a73bf2b7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
yOSMHWJz3tcTLmlbKOGkSKsxSfqgmYhsoMQ0xwlLW8LF5iW1mcehvQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=AKoH9ew1DbJw6&cb=4&ws=1600x1200&v=24.626.1741&t=1800&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_2_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_2%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A16%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBsInAQBsInAAfPSBENA9EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.143.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-143-149.fra60.r.cloudfront.net
Software
Server /
Resource Hash
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:19 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mediaite.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
tsUD6ZdHgXo_isdRNfzPZL_6YMuJXlbFqqwnLPufB4tMTvGUEIraRw==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&pid=AKoH9ew1DbJw6&cb=5&ws=1600x1200&v=24.626.1741&t=1800&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_1_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x50%22%2C%22336x280%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_1%2F5ac64c79fdf4d60603abe6a5%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A16%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C5ac64c79fdf4d60603abe6a5%2C1%2C%2C%2C&gpp=DBAA&gpp_sid=%5B2%5D&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprc=CQBsInAQBsInAAfPSBENA9EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by
Host: c.aps.amazon-adsystem.com
URL: https://c.aps.amazon-adsystem.com/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.143.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-143-149.fra60.r.cloudfront.net
Software
Server /
Resource Hash
0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:19 GMT
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mediaite.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
DC8ehdcuyLiVWVLL0lgz51yoRm-Hb6oV2W8uzTNf9S_tSAGGrHN9qA==
/
geo.privacymanager.io/ 		30 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

Accept
application/json
Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Fri, 12 Jul 2024 17:34:25 GMT
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront), 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
41455
x-amzn-trace-id
Root=1-66916921-6518bcb604c8d55d2bc8f85c;Parent=4362be8eab122af8;Sampled=0;lineage=06620786:0
x-amzn-requestid
51b7c9fa-ff25-46d4-9577-b8e66a83d492
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
az1dOGWZDoEELnQ=
content-length
30
x-amz-cf-id
xX5hng8ysVDa3CPQ5FCBPE4qrK32xfkpEEO8-vPzo25MswV_Lh651Q==
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.mediaite.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sat, 13 Jul 2024 05:05:20 GMT
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront), 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
x-amz-apigw-id
a1aqlEYzjoEEgKQ=
x-amz-cf-id
RcucGZ00PJj5l6R0YNhzdi8HHPbbiVryBnGEDp-nrn63AkXUakMZUw==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
c81ab240-8471-41ec-a31a-903c93668d04
x-cache
Miss from cloudfront
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
fb5b8acb6ba3c170c723fd98e0877e70070d3e91d3e465ccbdf3b8f2f9b287b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Jul 2024 05:05:21 GMT
content-md5
h1C6sNx3lVyIcYUw7as0Tg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=23, mss=1232, tbw=4614, tp=11, tpl=0, uplat=0, ullat=-1
x-fb-debug
EOWurMWO3Q4yvHI3B7jxCYkEAEfiP80h3u870IxTzv3U06At4GRMBnuB9+t/tFoif/GuSLs9pkjfblfubhWDOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
879b309da3aa8b500b2813793a5343be
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"a1f5bff4ece3bc20cef766f75fd75080"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sat, 13 Jul 2024 05:14:47 GMT
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:21 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27597
x-served-by
cache-iad-kjyo7100044-IAD, cache-fra-etou8220110-FRA
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
all.js
connect.facebook.net/en_US/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=9b4c51a02e319967b8477d46ca68b7a1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
242754e77d4180dcf52c3f402516c66f29b36652cad58807589c41156dde6357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.mediaite.com/
Origin
https://www.mediaite.com
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Jul 2024 05:05:21 GMT
content-md5
427jriLcZiisohy3ObA1nQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88544
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4292, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
8mWy9GswdqeHLMMTyQkIoWotqRIW4oYQ5ftR6y1oLonjDmLaEAK6+sbk/32Qvi0eIjK4UJunHq1/JYRfzqKGaQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
24b7d21c4bedddeba3760a0e112b453f
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"54f65492cee1fd41b2366cd6c8798d7b"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sun, 13 Jul 2025 04:09:12 GMT
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 3D51 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.mediaite.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.mediaite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Sat, 13 Jul 2024 05:05:21 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100176-IAD, cache-fra-etou8220116-FRA
share_button.php
www.facebook.com/plugins/ Frame 099A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f7e086120075fa7%26domain%3Dwww.mediaite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.mediaite.com%252Ff48a1cfb685f32abf%26relation%3Dparent.parent&container_width=67&href=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&layout=button&locale=en_US&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=9b4c51a02e319967b8477d46ca68b7a1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jul 2024 05:05:22 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1297, tbw=2769, tp=-1, tpl=-1, uplat=267, ullat=0
x-fb-debug
c7ySw4s8j9sG05WgjPo4zMTJ5PoJkcVTUnVA/89oqE3Q6td3ZXXGJxn06J+U00UTC5KSnSGWsEGkp40PQy44Ig==
x-xss-protection
0
i.js
tag.bounceexchange.com/3721/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/3721/i.js
Requested by
Host: am11.mediaite.com
URL: https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
72f6c3432af686b59d9983ac7207b6516c33f321dc8de085aef5799af255bbee

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 04:58:02 GMT
content-encoding
gzip
x-envoy-decorator-operation
tag-router.tag-router.svc.cluster.local:80/*
via
1.1 google
age
440
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2400
server
istio-envoy
etag
15f8c38096d034
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
load.js
s.ntv.io/serve/ 		570 KB
179 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: am11.mediaite.com
URL: https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.185.46 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-185-46.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7a075245e7a64b4a1841097d0f9485e0969a2f1124e57518afa2ecb4712cba6e

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

Date
Sat, 13 Jul 2024 05:05:22 GMT
Content-Encoding
gzip
x-amz-request-id
K23V1T8ZAP5S4HEE
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
wt527BVYpGPEBny01IqoodwdN1QAF0x0Mq2g81SnTRHanzTJOXdAjCykIjX6YstNS57GgRqIFhM=
Last-Modified
Tue, 09 Jul 2024 23:23:56 GMT
Server
AmazonS3
ETag
"2f8fbd563a9b6f37409fdcdfab8a4da2"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
script.js
powerad.ai/ 		211 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/script.js
Requested by
Host: am11.mediaite.com
URL: https://am11.mediaite.com/med/cnt/themes/m2019/js/min/min.js?2401311500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.23.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-23-185.compute-1.amazonaws.com
Software
/ Express
Resource Hash
5270e54f1a92254ebced9bbba6d94104c5691994bb9cb2b696326d714e3d42e7

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:22 GMT
content-encoding
gzip
last-modified
Mon, 17 Jun 2024 09:49:49 GMT
x-powered-by
Express
etag
W/"34a7c-190259a53f2"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:22 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
2620
x-served-by
cache-iad-kjyo7100074-IAD, cache-fra-etou8220110-FRA
last-modified
Mon, 11 Dec 2023 17:19:47 GMT
etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
tw-cdn
FT
tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame C3CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.mediaite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
12332
content-type
text/html; charset=utf-8
date
Sat, 13 Jul 2024 05:05:22 GMT
etag
"e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified
Mon, 11 Dec 2023 17:19:48 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kcgs7200168-IAD, cache-fra-etou8220116-FRA
embeds
syndication.twitter.com/i/jot/ 		43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22mediaite%22%2C%22widget_creator_screen_name%22%3A%22mediaite%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1720847122153%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=493923d96f3188c310ad8f1cc12eb7deba28471f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

x-response-time
112
date
Sat, 13 Jul 2024 05:05:21 GMT
strict-transport-security
max-age=631138519
last-modified
Sat, 13 Jul 2024 05:05:22 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
c2e6fd0cf24eff4c
cache-control
must-revalidate, max-age=600
perf
7402827104
x-connection-hash
eb8e790b6a1e15ac0c40749f1330dc04bda62640d5f1b2203c46e26d9a1282e7
content-length
43
runtime_6459738026535cda4232dc813c61447d.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3721/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 25 Jun 2024 03:41:52 GMT
content-encoding
br
age
1560210
x-guploader-uploadid
ACJd0NpST0L3e3iNDDmETLF_TTs6ivMvSxlDk2hNJ7ixun9dbwxjWUABVs6ypdFkSD6-yyYPT6_CMQti7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1316
last-modified
Thu, 20 Jun 2024 14:05:04 GMT
server
UploadServer
etag
"09512239cb2a22728ca9f8608dfc2181"
x-goog-generation
1713883050962681
ad-auction-allowed
true
access-control-allow-origin
*
x-goog-hash
crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
1316
accept-ranges
bytes
content-type
text/javascript
main-v2_f01faeed4f261176a71666567394c61a.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		499 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_f01faeed4f261176a71666567394c61a.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3721/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9f9e72467e556b193d96c4a3cf06cf82ea3ac7d2dc87431b1bbfbde5f0ea9b76

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Jul 2024 20:07:41 GMT
content-encoding
br
age
205061
x-guploader-uploadid
ACJd0NqgyykVTvoFN4qJHfJ_33aQRj3IaiRcDuy9Nk2T3zkb0NsQt1RFtgM9OVs3y9Y1qYsxrYq3HWSPYw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111559
last-modified
Wed, 10 Jul 2024 20:07:33 GMT
server
UploadServer
etag
"ec2154a211aad04436477a35f412d033"
x-goog-generation
1720642053346262
ad-auction-allowed
true
access-control-allow-origin
*
x-goog-hash
crc32c=Y9fkEw==, md5=7CFUohGq0EQ2R3o19BLQMw==
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
111559
accept-ranges
bytes
content-type
text/javascript
onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_f01faeed4f261176a71666567394c61a.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 25 Jun 2024 03:41:52 GMT
content-encoding
br
age
1560210
x-guploader-uploadid
ACJd0NoQWZu-_-v6dSGskELL0vFIkmOl3Vn_Xa3hqT-L7i7-tKJvikpvTONKHZCgbEDvklsP4w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5003
last-modified
Thu, 20 Jun 2024 14:04:58 GMT
server
UploadServer
etag
"7ff99b6f1cea743cef749de91009e764"
x-goog-generation
1713883044855037
ad-auction-allowed
true
access-control-allow-origin
*
x-goog-hash
crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA==
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
5003
accept-ranges
bytes
content-type
text/javascript
ads-v2_9299f60775d267b57110c55646cbcb63.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		172 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_9299f60775d267b57110c55646cbcb63.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_f01faeed4f261176a71666567394c61a.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fd1aea0e2cdb0b89e9363991d67bfd16fa43bb5f2d7b059829f2cbd28c5ccdd9

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Jul 2024 15:24:53 GMT
content-encoding
br
age
222029
x-guploader-uploadid
ACJd0Nqzsnc3Q2pWyK3HbTxV2mJi_mkgEW_fmPdAimzsNWH7zFPiRbG130Bo0ou1EWTjx7JXlS4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38984
last-modified
Wed, 10 Jul 2024 15:24:44 GMT
server
UploadServer
etag
"da0b47cff24e894ebd76f8db0c5d26f3"
x-goog-generation
1720625084479260
ad-auction-allowed
true
access-control-allow-origin
*
x-goog-hash
crc32c=+MqzRw==, md5=2gtHz/JOiU69dvjbDF0m8w==
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
38984
accept-ranges
bytes
content-type
text/javascript
jquery-3.7.1.min.js
assets.bounceexchange.com/assets/bounce/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_f01faeed4f261176a71666567394c61a.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 05 Jul 2024 20:35:17 GMT
content-encoding
br
age
635405
x-guploader-uploadid
ACJd0NoWiEFlTaV-X3i57kwiGpnZGElReH8wVhG9Qkz6NYWCIiDXEvg-Fx0Krbctwo_PJgx4_p6R9giQPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31009
last-modified
Mon, 01 Jul 2024 15:41:34 GMT
server
UploadServer
etag
W/"2c872dbe60f4ba70fb85356113d8b35e"
vary
Accept-Encoding
x-goog-generation
1719848494006967
ad-auction-allowed
true
access-control-allow-origin
*
x-goog-hash
crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg==
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
87533
accept-ranges
none
content-type
text/javascript; charset=UTF-8
bx_suppress
events.bouncex.net/track.gif/ 		42 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bx_suppress?reason=tcf&status=no_consent&uspString=undefined&details=library%20unknown%20consent&message=unexpected%20response&regulation=GDPR&websiteid=3721&source=web&agent=user
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 05:05:22 GMT
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
topics.html
postrelease.com/iframes/ Frame 8AF6 		0
0
t
jadserve.postrelease.com/ 		0
0
/
reporting.powerad.ai/ 		2 B
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 13 Jul 2024 05:05:22 GMT
server
nginx/1.18.0 (Ubuntu)
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
2
detect-aau
powerad.ai/ 		0
0
detect-aau
powerad.ai/ 		0
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame B094 		250 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by
Host: www.mediaite.com
URL: https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.53.112.234 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-112-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:22 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:26:15 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=26686
accept-ranges
bytes
content-length
77836
expires
Sat, 13 Jul 2024 12:30:08 GMT
pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame 826C 		0
0
/
powerad.ai/pubPls/ 		36 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.23.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-23-185.compute-1.amazonaws.com
Software
/ Express
Resource Hash
4e9c4c011ffbb25a1fc0b1d398e49c27aee525245f65128800d84271b5af25a7

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:22 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"8eb4-ObaRaiWIshOo4Sbwo9ra9yz5fUA"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.mediaite.com
access-control-allow-credentials
true
access-control-allow-headers
*
prebid.js
hb.brainlyads.com/ Frame B094 		0
0
Hc6PdfQeAi.js
pixel.zprk.io/v5/pixeljs/ 		0
0
js
www.googletagmanager.com/gtag/ 		208 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137034616-18
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
77f175079c4b94c1fca50c56764822f05928deb29db51652594a93f3dca3b7b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76851
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jul 2024 05:05:22 GMT
js
www.googletagmanager.com/gtag/ 		208 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137034616-18&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ECWL4EPTZN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2b65c5bdfce3d669803a4e18c71b5af91f33c1f86c2549d38a729c6e05160b9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 05:05:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76848
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jul 2024 05:05:22 GMT
251
a.ad.gt/api/v1/u/matches/ 		0
0
px.js
p.cpx.to/p/12967/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
analytics.js
www.google-analytics.com/ 		52 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137034616-18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 13 Jul 2024 03:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5057
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 13 Jul 2024 05:41:01 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1759221274&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&ul=de-de&de=UTF-8&dt=Human%20Events%20and%20Post%20Millennial%20Websites%20Hacked&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAICAAIg~&cid=1515414796.1720847118&tid=UA-137034616-18&_gid=794253796.1720847118&gtm=457e4790za200zb896814065&gcd=13m3l3m2m5&dma_cps=-&dma=1&tag_exp=0&jsscut=1&gcs=G10-&tcfd=10v4b&npa=1&z=483017591
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mediaite.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Fri, 12 Jul 2024 23:21:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20635
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/abramsmedia-mediaite/trc/3/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
postrelease.com
URL
https://postrelease.com/iframes/topics.html
Domain
jadserve.postrelease.com
URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&ntv_mvi&us_privacy=1---
Domain
powerad.ai
URL
https://powerad.ai/detect-aau?ch=2
Domain
powerad.ai
URL
https://powerad.ai/detect-aau?ch=1
Domain
hb.brainlyads.com
URL
https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Domain
hb.brainlyads.com
URL
https://hb.brainlyads.com/prebid.js
Domain
pixel.zprk.io
URL
https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Domain
a.ad.gt
URL
https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F&ref=
Domain
p.cpx.to
URL
https://p.cpx.to/p/12967/px.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-N65BDYR3C2&l=dataLayer&cx=c
Domain
trc.taboola.com
URL
https://trc.taboola.com/abramsmedia-mediaite/trc/3/json?tim=07%3A05%3A23.746&lti=deflated&data=%7B%22id%22%3A930%2C%22ii%22%3A%22%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1720708533520%2C%22vi%22%3A1720847123745%2C%22cv%22%3A%2220240711-17-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CQBsInAQBsInAAfPSBENA9EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA%22%2C%22gwto%22%3Atrue%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.mediaite.com%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2F%22%2C%22vpi%22%3A%22%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3901%2C%22nsid%22%3A%22abramsmedia-mediaitenetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Dabramsmedia-mediaitenetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2963.25%2C%22mw%22%3A735%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-rr%3Apub%3Dabramsmedia-mediaitenetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A2193.984375%2C%22mw%22%3A340%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fpolitics%2Fconservative-news-websites-hacked-replaced-with-page-leaking-private-information%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Dabramsmedia-mediaitenetwork%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-rr%3Apub%3Dabramsmedia-mediaitenetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2

Verdicts & Comments Add Verdict or Comment

339 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| __reach_config function| powerpress_pinw function| fbq function| _fbq function| documentInitOneSignal function| OneSignal string| newsletterURL object| phpProps function| FontFaceObserver object| Cookies function| disqus_config function| admiral object| googletag object| amTargeting object| adthrive object| _comscore number| _sf_startpt object| _sf_async_config function| gtag object| dataLayer object| _taboola object| _qevents object| twitterShareButton function| arrayShuffle function| disqusScript object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| gapi object| ___jsl string| GoogleAnalyticsObject function| ga function| nextMillenniumLoadFooter function| nativoLoadFooter function| bouncexLoad function| twq number| lazyEmbedsYMargin number| lazyEmbedsTimeout object| COMSCORE object| ns_p function| quantserve function| __qc object| ezt object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| 4dm1r11545242527 boolean| gdprAppliesGlobally string| cmp_cdid string| cmp_host string| cmp_cdn string| cmp_proto string| cmp_codesrc function| cmp_getsupportedLangs function| cmp_getRTLLangs function| cmp_getlang function| cmp_extractlang function| cmp_getlangs function| cmp_getPageLangs function| cmp_getPageLang function| cmp_getLangsFromURL function| cmp_getXMLLang function| cmp_rc function| cmp_stub function| cmp_dsastub function| cmp_gppstub function| cmp_gpp_ping function| cmp_addFrame function| cmp_msghandler function| cmp_setStub function| cmp_setGppStub function| __cmp function| __tcfapi function| __uspapi function| __gpp function| __dsa object| adthriveCLS object| regeneratorRuntime object| twttr object| gaplugins object| gaData object| cmp_config_data object| cmp_scripts function| cmp_loadCS function| cmp_append_script function| cmp_append_script2 function| cmp_script_loaded function| cmp_gppmanifest function| cmp_fibo function| cmp_reader function| cmp_writer function| cmp_cs function| cmp_lang function| cmp_purpose function| cmp_stack function| cmp_vendor function| cmp_utils function| cmp_snapshot function| cmp_storage function| cmp_gpp_helper function| cmp_api function| cmp_contentblocking function| cmp_behavior function| cmp_amp function| cmp_eventwrapper function| cmp_html function| cmp_wcagdialog function| cmp_display function| cmp_display_age function| cmp_display_background function| cmp_display_images function| cmp_display_langchoice function| cmp_display_policy function| cmp_display_qr function| cmp_display_welect function| cmpsource function| cmpmngr_queryfile string| cmpccsversionbuild function| cmp_unq function| cmp_fnd number| cmpccsversion function| btoa2 function| atob2 function| cmp_loadconsole object| cmp_dataLayer function| cmp_gtag function| cmp_getGPPManifests function| cmp_regulations function| cmp_getregulation function| cmp_affiliatedomains function| cmp_awindomains function| cmp_getcss object| cmpmngr function| cmp_gc function| cmp_hc function| __cmapi object| __cmp_langs_loaded function| cmp_svg_no function| cmp_svg_yes function| cmp_svg_yesorange function| cmp_svg_noorange function| cmp_svg_multi function| cmp_svg_nodisabled function| cmp_svg_yesdisabled function| cmp_svg_icologoiablogo function| cmp_svg_icomatexternal_link function| cmp_svg_icoprv58 function| cmp_svg_icoprv36 function| cmp_svg_icoprv40 function| cmp_svg_icoprv34 function| cmp_svg_icoprv28 function| cmp_svg_icoprv33 function| cmp_svg_icoprv32 function| cmp_svg_icoprv30 function| cmp_svg_icoprv42 function| cmp_svg_icoprv35 function| cmp_svg_icoprv46 function| cmp_svg_icoprv41 function| cmp_svg_icoprv57 function| cmp_svg_icoprv54 object| cmp_loadedLangs number| cmpGDPR string| cmpRegulation string| cmpConsentString string| cmpCurrentStatus string| cmpLastStatus string| cmpLastTCFStatus string| cmpLoadingStatus string| cmpDisplayStatus string| cmpVendorsConsent string| cmpCustomVendorsConsent string| cmpGoogleVendorsConsent string| cmpPurposesConsent string| cmpCustomPurposeConsent string| cmpConsentVendors string| cmpConsentPurposes string| cmpLIVendors string| cmpLIPurposes string| cmpIABUSP number| cmpDesignId boolean| consentExists string| userChoiceType string| userChoiceStatus object| utag_data function| cmp_spachange function| _typeof object| TRC object| _tblConsole string| pm_pgtp function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level object| TRCImpl string| GUM_DOMAIN string| CONFIG_CSM_DOMAIN_NAME string| CALLER_ID function| CONFIG_JS_CALLBACK number| CONFIG_RTUS_RESPONSE_RECEIVED_TIMEOUT_MS object| criteo_syncframe_state string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation object| pmglb object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| admrlWpJsonP number| __admiralPMNextID object| __admiralTemplates object| _pmk function| TBWidgetFacebook function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| Me object| image number| _sf_endpt object| pbjs object| apstag object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| _pbjsGlobals object| DISQUSWIDGETS object| _aps boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| confiant boolean| liModuleEnabled object| apscustom object| ns_ object| google_reactive_ads_global_state object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| FB object| __twttrll object| __twttr object| __buffer object| bouncex object| webpackChunksmart_tag function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability object| ntvData function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| jQuery object| _0x4cc4 function| _0x30b6 function| _0x4a113e object| _ds05un3 number| _pa_v object| paGlobal function| callUnitMan object| pa_prebid_fw object| pa_pbjs_fw2.0 object| refCatKv

23 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: dVo7czcMHNQoqG2wfapC.wdrx4WY4ut3ekQxZrm1H18-1720847117-1.0.1.1-TCHb69EX35qJRDIfv5rvdp7jpGpNUPh50BfZ8d_XYzXFcTKR56Hi1u5K6Zr8YRdgGN.RPg8YrLz7AMRjXxeAeA
.mediaite.com/ Name: _fbp
Value: fb.1.1720847117994.647721540397968138
.mediaite.com/ Name: _ga_ECWL4EPTZN
Value: GS1.1.1720847118.1.0.1720847118.60.0.0
www.mediaite.com/ Name: am-sub
Value: 0
.mediaite.com/ Name: _ga
Value: GA1.2.1515414796.1720847118
.mediaite.com/ Name: _gid
Value: GA1.2.794253796.1720847118
.mediaite.com/ Name: _gat_gtag_UA_9069088_1
Value: 1
.youtube.com/ Name: YSC
Value: vWtTGpeUlpc
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJBVBIcEhgSFhMLFBUWFwwYGRobHB0eHw4PIBAREiEgZw%3D%3D
.mediaite.com/ Name: __cmpconsentx98978
Value: CQBsInAQBsInAAfPSBENA9EgAAAAAEPgAAigAAAPkgRAAIgAUABYAFQAOAAeABAADIAGgAPAAmABVADMAGgAPQAfgBCACOAGAAMoAaIA5ABzgDuAH7AQcBCACLAF1ANeAdsA9oChwF5gMkAfIAAA.YAAACHwAAAA
.mediaite.com/ Name: __cmpcccx98978
Value: aBQBtG6QAAAAAAA
.t.co/ Name: muc_ads
Value: 355dcd77-21dc-4ef1-83e0-e7a94c09ec1e
.twitter.com/ Name: personalization_id
Value: "v1_88Ur5nPUqChW95A1lYVszA=="
.mediaite.com/ Name: _awl
Value: 2.1720847118.5-83b98f1105e8d403aa44c59b85a7c3f6-6763652d6575726f70652d7765737431-0
.mediaite.com/ Name: _cb
Value: BJQ__iDpZ9TPDMAZbo
.mediaite.com/ Name: _chartbeat2
Value: .1720847119042.1720847119042.1.CS2pyGDkqwdoCVQB5VBv0_KSCUcLm7.1
.mediaite.com/ Name: _cb_svref
Value: external
powerad.ai/ Name: 12331dcr-g
Value: 1
powerad.ai/ Name: 12593dcr-g
Value: 1
powerad.ai/ Name: 12594dcr-g
Value: 1
powerad.ai/ Name: 12595dcr-g
Value: 1
powerad.ai/ Name: 12940dcr-g
Value: 1
powerad.ai/ Name: 13127dcr-g
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
accounts.google.com
ads.adthrive.com
ads.pubmatic.com
am11.mediaite.com
am12.mediaite.com
am13.mediaite.com
am14.mediaite.com
analytics.twitter.com
apis.google.com
assets.bounceexchange.com
b.delivery.consentmanager.net
c.amazon-adsystem.com
c.aps.amazon-adsystem.com
c.delivery.consentmanager.net
cdn.confiant-integrations.net
cdn.consentmanager.net
cdn.jwplayer.com
cdn.onesignal.com
cdn.taboola.com
config.aps.amazon-adsystem.com
connect.facebook.net
events.bouncex.net
geo.privacymanager.io
gum.criteo.com
hb.brainlyads.com
img.youtube.com
jadserve.postrelease.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
mediaite.disqus.com
onesignal.com
p.cpx.to
ping.chartbeat.net
pixel.zprk.io
platform.twitter.com
pm-widget.taboola.com
postrelease.com
powerad.ai
profusesupport.com
region1.analytics.google.com
reporting.powerad.ai
rules.quantcount.com
s.ntv.io
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
simple-cdn.s3.amazonaws.com
soggysponge.com
ssl.gstatic.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
tag.bounceexchange.com
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.at
www.googletagmanager.com
www.mediaite.com
www.youtube.com
a.ad.gt
hb.brainlyads.com
jadserve.postrelease.com
p.cpx.to
pixel.zprk.io
postrelease.com
powerad.ai
trc.taboola.com
www.googletagmanager.com
104.16.160.145
104.18.20.97
104.18.24.111
104.244.42.3
104.244.42.8
13.224.186.120
13.224.189.78
13.224.189.98
13.32.27.78
13.32.99.59
142.250.185.206
142.250.186.174
146.75.120.157
151.101.1.44
151.101.193.44
157.240.0.6
172.217.18.14
172.217.18.2
18.244.18.38
18.245.31.65
18.66.143.149
199.232.192.134
2.16.185.46
2001:4860:4802:32::36
216.58.206.72
23.53.112.234
2600:9000:223c:6600:6:44e3:f8c0:93a1
2600:9000:223f:fc00:8:48e:53c0:93a1
2600:9000:225e:b800:1:a3fa:7cc0:93a1
2600:9000:2646:6200:18:1fcd:354:4b41
2606:4700:10::6816:3a6e
2606:4700:10::ac43:1906
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:80e::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c0a::54
2a00:1450:400c:c0c::9b
2a02:2638:3::c
2a02:6ea0:c700::22
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.160.150.105
3.161.82.122
3.221.23.185
3.225.63.64
34.111.8.32
34.120.253.250
34.98.72.95
52.218.221.27
54.234.151.247
87.230.98.76
87.230.98.78
93.184.221.165
06772a40a60519e707b4b2aabf4945607ac8d3eb6de4b57b02b3d905c0838871
068fcfb02c6a1bb3605aa25f2ca8f71cd9317c4fd909dd2a682defc8189fd35f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a5d7ab01abbd44d8fb8ec81b87bf8d470f684fbfb1d56ef2c37d2dfbd95a70c
0da206ff8e60d35e2ca003978c7f27a2a46a02e4c63abd632b3a2ebfe1bd8835
0f790bdfb9c12c83da88b657a00be6b9aee3d14d167002faaa9562bc74404325
0f89ba1e319462068c896f7469de78055f63c0318e612faf056a82a7c8fd952b
123afbccccfd68f5b29a8a1385ceb3fe558cecaf777e4fe1b070ff6b8cf4ffad
13b2d5629179d12b272d8e9b8369ba940e3bf8b81f1d222e80d74f4aaa6e1f5e
13ca66cf6767366a16dcab079a022ab7efaff7ad1f44fe904543916d56bb2d9b
15ac93425f657629cd95ae465f8cd231e7cd7edad78d508dba5fa734e8f63ac4
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1814f5969af017d60a7e1632da81d94b36fd1694a32e40c77337f764b1c0bb22
19f0f495d2d8b52e3a03ae53e2e8684431a3297da861db54b14ee89a0b4d21c7
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b22e31dd0658b72a1248a1b9e40cdf109da76be3bf6b830fc6a98453f2ec278
1e110a9e8d7d41d3dae0344c2c40ea75aa03909698e1d98d70f1f7bc5a1282bd
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
242754e77d4180dcf52c3f402516c66f29b36652cad58807589c41156dde6357
25b1ed9a8b9269739148c249f9f6f262c64585cf80ff7d9ecf3579c8cd8fce77
27e102564d595d947d804947a8506d66f8692ba4b2ced2570c13388934b1674f
2994853cfb2abaa39b5899f36cb9e131752effb9dd0f11148dd92458cd466f8b
2b1775a2394a99b40132858c9fa142aa21192a39f729548786727169d3626cce
2b65c5bdfce3d669803a4e18c71b5af91f33c1f86c2549d38a729c6e05160b9a
2ca7cabb295b87897a31f8d84fdebc9057146e66d1aa1ef20981cb05c95e21a0
30bff6587a9dc3ecc8a27d538ff84be70cc8169c60ae121c63d74e9d6fdeff2c
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36b6fcd9e99b58f778ecb3ad1a197f21c662f62846e4e3895de65ce5fb3152f6
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4369e005746c8a2a0aab78e11d85497a54a3d969bc283d5b492409faeda922b7
486c8330aa4047501f52f6dc355d68eaf354bd737d9e69896aedbc950175ccef
48b4186595c64c33e8190a639202e759c1730e3fbbfe038cfe474910057a1d16
49f534300fc36cabcd217998dac71b63b0d8f2443fb7131a2c7b96f2ae84e38d
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e9c4c011ffbb25a1fc0b1d398e49c27aee525245f65128800d84271b5af25a7
5270e54f1a92254ebced9bbba6d94104c5691994bb9cb2b696326d714e3d42e7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
57da007436809f672fd40685d537dff9c1041c6d662e6e98a29442462942a54c
588fc589aeacdcae4c2673ea8773db44437384a0f91194e56348fa85a32e4096
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5bf979eb49360af2f3aeed5cd5ebd25e8702f55cb5205ab14d6ef229b78855f5
5d56c6a7208faa78b0363e0f0468a1d7d537a96f1ff0f6dadfa2ef0dbbf314e3
69b1faac5f52c20c991dcf5e73fa241d9fb3f8f7cbe3c4d94750ae1b05d7b0fe
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6c8e40d0b7910c8066300a7576b89ef59631fb077df2faf5890d36a10e1b8804
72f6c3432af686b59d9983ac7207b6516c33f321dc8de085aef5799af255bbee
762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
77f175079c4b94c1fca50c56764822f05928deb29db51652594a93f3dca3b7b2
7a075245e7a64b4a1841097d0f9485e0969a2f1124e57518afa2ecb4712cba6e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963
86130925c7dbecb1a2eae2efa1280beb5f583bc983ffb70a20ccc7ed2d52751b
87d08e171dce6f01a67179cfa9204a12e014afc41bd78ef8c75cbf5eb3fb061e
8a57e62bad9d78ce3693df8d415bbe710a06eb71e6da389f7f2267996d8d3912
8c132a6033409d8dbd5a21cfdd31ad4fb4f7d6a788633024ee326c261c264cd4
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
91ac3d5ae5912a1f07c1651fdafc2fb432fe5092adcf6822ba96c28ab31d9f7a
91d23e883844155a6d1b95820f81df1351008858b022cd3c144b8308f0e7b2ce
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
984f97bcdf1e05c38c49feaa6c42624cea2fcc07934d0ab7a7aa9780c7808b7a
9bd1d4177f0d80cba31cb90cb6f63a3895fd1a1e439fcc62d5249b7c39372f1b
9f3b1f8338765052b8997f05c84f174819a9ddf6be230a213a28e08e18814b15
9f9e72467e556b193d96c4a3cf06cf82ea3ac7d2dc87431b1bbfbde5f0ea9b76
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b21e674f7cdd5c6fcd92411e6a4fb9bc8fd0c43dd50d36e02c8d1b1b208d226a
b3d00e5d946b1dc139a67331992e089c0b773bb38fcd222755eef1873f994a12
b54be48da33c00a2cfc226e0ab102a5e851cf2ccc5b1f2f9954296972f6482b7
b8bcf4c4415959ae01774a5c743ddcde1e9776df4b219b969be9c59ed311168c
baa4c2747e958a1040485c77ba95ccf98db052d2d524a104e43aa3c2c9651a69
bd9b4cbf21fae5bdbfa55193c97e3485b8f2640cbe7655ba97a34a517aab4486
bf97073f136c1cf28013a7cdb83c5152a3672b4082d24f5c2a2fcd8af954ef15
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
ccfc73ec1460a186d7495c6576b4ea027d7c9c34821a35c692cc43804254d424
ce0dad2005f9d23bc02116b687ab3235ce3b397e3860eaad5ca3999a22756c20
ce2e01a2ab793a3e2222177cb5e335c6141872de115c26280f626af33a02a302
ceedb3a311e1610e2e62c405b618d40560bd0f068cdf86cfb5bab4cf68e385ac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3fcb1fe09e2e160fc646ac7c02da667d1a5ac8e828ffd9455c7122fdb899821
d8d049f18f24330ee79ed08cd02b4cc829e476037583946de6f3a0ac29b9d698
dbbec194bb1980e49f3241f20ace32dfb18e16ce32b0b455ec317d49388c2850
dbe68196f39972c46eb2edcd065c7b5f35e3fdcdfbdd4f79cf404000f1d29f7d
dbe8e596830dc94145acacd17ebdc3fd9553df87b0cb637d10d338e676a9a831
dc7bb80e6d7bfffbc85ae2314c11c8ef6e92e2d9ba67f144ffb3bec24c5ab859
dd5bf2711b952af69162c95a19e30326c252011ffafeae2bd295cfe732a9b70c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e26560ac1cafd1b40a57a9752030456e204533d0a9de82d86988baa5c7392b07
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
e94c6d311de30a8d29ba76bbcd0989daf7b846b77aba9843aa5975252ba59ab0
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ec4481680a19b1503fc731c7fed012a1305b36983ccea195804cc10d5e82bd93
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
edc38a78185af07f77d55e25981b34d0988bab772ada07729d521f4480d5e1b5
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14
f581d6679a6f83ee35007a20ded1bba92e4675c2e6911555e014612a3b9e29b6
fb5b8acb6ba3c170c723fd98e0877e70070d3e91d3e465ccbdf3b8f2f9b287b6
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fd1aea0e2cdb0b89e9363991d67bfd16fa43bb5f2d7b059829f2cbd28c5ccdd9
ffa15d5d3b25c5eeced4c196bf91875a37c70e53701238fc965391e93162f2f6