urlscan.io logo urlscan.io
SecurityTrails logo

crooksandliars.com Open in urlscan Pro
150.238.37.130  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.crooksandliars.com//team//john/-amato
Effective URL: https://crooksandliars.com//team//john/-amato
Submission: On September 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 4 countries across 30 domains to perform 139 HTTP transactions. The main IP is 150.238.37.130, located in United States and belongs to SOFTLAYER, US. The main domain is crooksandliars.com. The Cisco Umbrella rank of the primary domain is 291751.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 14th 2024. Valid for: a year.
This is the only time crooksandliars.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37 150.238.37.130 36351 (SOFTLAYER)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:272... 16509 (AMAZON-02)
5 2600:9000:264... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.5.165.213 14618 (AMAZON-AES)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
2 18.172.112.100 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 44.196.238.254 14618 (AMAZON-AES)
1 2600:9000:206... 16509 (AMAZON-02)
3 18.207.73.182 14618 (AMAZON-AES)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.18.6 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 172.66.42.247 13335 (CLOUDFLAR...)
1 34.120.253.250 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
2 13.225.78.104 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
2 130.211.23.194 396982 (GOOGLE-CL...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 44.240.96.48 16509 (AMAZON-02)
5 34.98.72.95 396982 (GOOGLE-CL...)
1 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 172.66.41.9 13335 (CLOUDFLAR...)
1 108.157.4.18 16509 (AMAZON-02)
4 54.72.195.79 16509 (AMAZON-02)
1 184.28.88.244 16625 (AKAMAI-AS)
1 54.160.11.30 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.33.187.77 16509 (AMAZON-02)
1 18.66.102.81 16509 (AMAZON-02)
8 52.222.214.103 16509 (AMAZON-02)
4 99.80.185.164 16509 (AMAZON-02)
1 2606:4700::68... ()
139 46
37    150.238.37.130 (United States)

ASN36351 (SOFTLAYER, US)
PTR: sam.crooksandliars.com
www.crooksandliars.com
crooksandliars.com
tr.crooksandliars.com
3    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:2724:1600:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
5    2600:9000:2644:9000:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
4    2606:4700::6811:6fdf (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    52.5.165.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-165-213.compute-1.amazonaws.com
static.newsmaxfeednetwork.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    18.172.112.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-100.fra60.r.cloudfront.net
global.proper.io
4    2606:4700::6812:196f (United States)

ASN13335 (CLOUDFLARENET, US)
glisteningguide.com
1    44.196.238.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-238-254.compute-1.amazonaws.com
geoip.instiengage.com
1    2600:9000:206f:ac00:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
3    18.207.73.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-73-182.compute-1.amazonaws.com
event.insticator.com
geoip.insticator.com
1    2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2606:4700:4400::6812:2b5a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3010.infolinks.com
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
4    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    13.225.78.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-104.fra2.r.cloudfront.net
abcheck.proper.io
1    2600:9000:223f:5200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    44.240.96.48 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-96-48.us-west-2.compute.amazonaws.com
bids.proper.io
5    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
1    2600:9000:223c:9400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
rt3010.infolinks.com
1    108.157.4.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-18.dus51.r.cloudfront.net
assets.newsmaxwidget.com
4    54.72.195.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-195-79.eu-west-1.compute.amazonaws.com
trends.newsmaxwidget.com
1    184.28.88.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-88-244.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    54.160.11.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-11-30.compute-1.amazonaws.com
soapps.net
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    13.33.187.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-77.fra60.r.cloudfront.net
assets.revcontent.com
1    18.66.102.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-81.fra56.r.cloudfront.net
img.revcontent.com
8    52.222.214.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-103.fra56.r.cloudfront.net
images.newsmaxwidget.com
4    99.80.185.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-185-164.eu-west-1.compute.amazonaws.com
yeet.revcontent.com
1    2606:4700::6812:1231 (None, )

ASN- ()
images.getadmiral.com
Apex Domain
Subdomains		 Transfer
37 crooksandliars.com
www.crooksandliars.com
crooksandliars.com — Cisco Umbrella Rank: 291751
tr.crooksandliars.com — Cisco Umbrella Rank: 570017
364 KB
13 newsmaxwidget.com
assets.newsmaxwidget.com — Cisco Umbrella Rank: 330085
trends.newsmaxwidget.com — Cisco Umbrella Rank: 294709
images.newsmaxwidget.com — Cisco Umbrella Rank: 313285
151 KB
12 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 6762
router.infolinks.com — Cisco Umbrella Rank: 2813
rt3010.infolinks.com — Cisco Umbrella Rank: 61334
111 KB
7 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 8626
img.revcontent.com — Cisco Umbrella Rank: 10842
yeet.revcontent.com — Cisco Umbrella Rank: 9613
17 KB
6 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 4426
assets.bounceexchange.com — Cisco Umbrella Rank: 2511
188 KB
6 cloudfront.net
df80k0z3fi8zg.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
227 KB
5 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 688
region1.analytics.google.com — Cisco Umbrella Rank: 4054
129 KB
5 proper.io
global.proper.io — Cisco Umbrella Rank: 13076
abcheck.proper.io — Cisco Umbrella Rank: 14537
bids.proper.io — Cisco Umbrella Rank: 13897
150 KB
5 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
ad.doubleclick.net — Cisco Umbrella Rank: 153
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
182 KB
4 glisteningguide.com
glisteningguide.com — Cisco Umbrella Rank: 549290
106 KB
4 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4855
onesignal.com — Cisco Umbrella Rank: 1583
83 KB
3 gstatic.com
fonts.gstatic.com
188 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 506
151 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 869
api.btloader.com — Cisco Umbrella Rank: 1033
26 KB
3 insticator.com
event.insticator.com — Cisco Umbrella Rank: 26224
geoip.insticator.com — Cisco Umbrella Rank: 36869
429 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
250 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
21 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 907
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1700
134 KB
2 instiengage.com
geoip.instiengage.com — Cisco Umbrella Rank: 33331
auth.instiengage.com — Cisco Umbrella Rank: 25882
429 B
2 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1491
28 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
89 KB
1 getadmiral.com
images.getadmiral.com
9 KB
1 soapps.net
soapps.net — Cisco Umbrella Rank: 64120
10 KB
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 553
67 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1541
2 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1497
10 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10137
63 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 723
481 B
1 newsmaxfeednetwork.com
static.newsmaxfeednetwork.com — Cisco Umbrella Rank: 325255
935 B
139 30
Domain Requested by
35 crooksandliars.com crooksandliars.com
8 images.newsmaxwidget.com
5 assets.bounceexchange.com tag.bounceexchange.com
assets.bounceexchange.com
5 resources.infolinks.com crooksandliars.com
resources.infolinks.com
5 d3lcz8vpax4lo2.cloudfront.net crooksandliars.com
d3lcz8vpax4lo2.cloudfront.net
4 yeet.revcontent.com assets.newsmaxwidget.com
4 trends.newsmaxwidget.com crooksandliars.com
assets.newsmaxwidget.com
4 rt3010.infolinks.com resources.infolinks.com
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
4 glisteningguide.com crooksandliars.com
glisteningguide.com
3 fonts.gstatic.com crooksandliars.com
fonts.googleapis.com
3 router.infolinks.com resources.infolinks.com
3 securepubads.g.doubleclick.net crooksandliars.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
3 www.googletagmanager.com crooksandliars.com
www.googletagmanager.com
2 assets.revcontent.com assets.newsmaxwidget.com
2 fonts.googleapis.com glisteningguide.com
2 api.btloader.com btloader.com
2 abcheck.proper.io crooksandliars.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ad-delivery.net crooksandliars.com
2 onesignal.com cdn.onesignal.com
2 cdn.confiant-integrations.net d3lcz8vpax4lo2.cloudfront.net
cdn.confiant-integrations.net
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 global.proper.io crooksandliars.com
global.proper.io
2 platform.twitter.com crooksandliars.com
platform.twitter.com
2 connect.facebook.net crooksandliars.com
connect.facebook.net
2 cdn.onesignal.com crooksandliars.com
cdn.onesignal.com
1 images.getadmiral.com
1 img.revcontent.com
1 imasdk.googleapis.com resources.infolinks.com
1 soapps.net crooksandliars.com
1 ads.pubmatic.com assets.newsmaxwidget.com
1 assets.newsmaxwidget.com static.newsmaxfeednetwork.com
1 rules.quantcount.com secure.quantserve.com
1 bids.proper.io global.proper.io
1 secure.quantserve.com global.proper.io
1 www.google.de crooksandliars.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 static.adsafeprotected.com crooksandliars.com
1 tag.bounceexchange.com crooksandliars.com
1 tr.crooksandliars.com crooksandliars.com
1 ad.doubleclick.net crooksandliars.com
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 btloader.com d3lcz8vpax4lo2.cloudfront.net
1 auth.instiengage.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.instiengage.com d3lcz8vpax4lo2.cloudfront.net
1 static.newsmaxfeednetwork.com crooksandliars.com
1 df80k0z3fi8zg.cloudfront.net crooksandliars.com
1 www.crooksandliars.com 1 redirects
139 50
Subject Issuer Validity Valid
*.crooksandliars.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-14 -
2025-02-13		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.onesignal.com
WE1		 2024-09-02 -
2024-12-01		 3 months crt.sh
newsmaxfeednetwork.com
Amazon RSA 2048 M03		 2024-05-26 -
2025-06-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-25 -
2024-09-23		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-08 -
2025-07-07		 a year crt.sh
*.proper.io
Amazon RSA 2048 M02		 2024-04-15 -
2025-05-14		 a year crt.sh
glisteningguide.com
WE1		 2024-07-20 -
2024-10-18		 3 months crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2024-05-17 -
2025-05-17		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2024-08-01 -
2025-08-28		 a year crt.sh
btloader.com
WE1		 2024-08-10 -
2024-11-08		 3 months crt.sh
confiant-integrations.net
WE1		 2024-09-09 -
2024-12-08		 3 months crt.sh
onesignal.com
WE1		 2024-09-02 -
2024-12-01		 3 months crt.sh
ad-delivery.net
WE1		 2024-09-12 -
2024-12-11		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
infolinks.com
WE1		 2024-08-10 -
2024-11-08		 3 months crt.sh
tag.bounceexchange.com
R11		 2024-09-15 -
2024-12-14		 3 months crt.sh
*.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
api.btloader.com
WR3		 2024-08-02 -
2024-10-31		 3 months crt.sh
*.google.de
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
quantserve.com
R11		 2024-08-23 -
2024-11-21		 3 months crt.sh
assets.bounceexchange.com
WR3		 2024-09-15 -
2024-12-14		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
newsmaxwidget.com
Amazon RSA 2048 M03		 2024-09-01 -
2025-09-30		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.soapps.net
Sectigo RSA Organization Validation Secure Server CA		 2024-01-16 -
2025-01-25		 a year crt.sh
revcontent.com
Amazon RSA 2048 M03		 2024-04-18 -
2025-05-17		 a year crt.sh
images.getadmiral.com
WE1		 2024-09-06 -
2024-12-05		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://crooksandliars.com//team//john/-amato
Frame ID: 27B879D0ECFAD8332352098FFC272950
Requests: 133 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 5534C50188D8E2060C839D351C11E02B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fcrooksandliars.com
Frame ID: A4F646FFF72CF995A5EF37708AE7AA98
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato
Frame ID: 6BF1D77DDC24C53EC6962794385254EE
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-4.0.html
Frame ID: 5358E9F4BF68215BB9A621AB121EF4D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Our Team | Crooks and Liars

Page URL History Show full URLs

  1. http://www.crooksandliars.com//team//john/-amato HTTP 307
    https://www.crooksandliars.com//team//john/-amato HTTP 302
    https://crooksandliars.com//team//john/-amato Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:link|style)[^>]+"/sites/(?:default|all)/(?:themes|modules)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

139
Requests

99 %
HTTPS

53 %
IPv6

30
Domains

50
Subdomains

46
IPs

4
Countries

2695 kB
Transfer

8563 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.crooksandliars.com//team//john/-amato HTTP 307
    https://www.crooksandliars.com//team//john/-amato HTTP 302
    https://crooksandliars.com//team//john/-amato Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

139 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request -amato
crooksandliars.com//team//john/
Redirect Chain
  • http://www.crooksandliars.com//team//john/-amato
  • https://www.crooksandliars.com//team//john/-amato
  • https://crooksandliars.com//team//john/-amato
52 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
c7deaf679fcfc8dce963a1e993323007f774586737ba2cc2579e55f1fd02bb17
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
token, Content-Type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
access-control-allow-origin
*
cache-control
public, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 16 Sep 2024 04:08:19 GMT
etag
W/"1726459699-0"
expires
Sun, 11 Mar 1984 12:00:00 GMT
last-modified
Mon, 16 Sep 2024 04:08:19 +0000
server
nginx
service-worker-allowed
/
vary
Accept-Encoding Accept-Encoding Cookie
x-drupal-cache
MISS
x-ua-compatible
IE=edge
x-xss-protection
0

Redirect headers

content-length
138
content-type
text/html
date
Mon, 16 Sep 2024 04:08:19 GMT
location
https://crooksandliars.com//team//john/-amato
server
nginx
fixes.css
crooksandliars.com/sites/all/themes/cl_theme21/public/ 		0
192 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/fixes.css?3
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
last-modified
Tue, 09 Nov 2021 02:27:37 GMT
server
nginx
etag
"6189dc99-0"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
0
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
fixes.css
crooksandliars.com/sites/all/themes/cl_theme21/ 		159 B
348 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/fixes.css
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
6e403e2d554aa481361609012af929dcbc5b8f4a531561905a743b548735ff1f

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 00:16:48 GMT
server
nginx
etag
W/"61959b70-9f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
theme21.css
crooksandliars.com/sites/all/themes/cl_theme21/public/resources/ 		109 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.css?v=003b06a5e1bb72e0f970
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
140bba341ba73adbe5d69dc1ca459c579d71fc6e436017f77c21c8c13c7458e8

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
content-encoding
gzip
last-modified
Thu, 22 Dec 2022 14:18:32 GMT
server
nginx
etag
W/"63a46738-1b2c5"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		199 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2640119-1
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89e7371a5e545fec5450e9a65ac95e2435f534cb5191c68a169f3b138d456030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73589
x-xss-protection
0
last-modified
Mon, 16 Sep 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Sep 2024 04:08:20 GMT
dd_theme.red.css
crooksandliars.com/sites/all/modules/custom/donation_drives/css/ 		347 B
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/modules/custom/donation_drives/css/dd_theme.red.css
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
3a3782ed8869a7b7f49c5a2242ce3e433439f03cbab0cda66a8e0658e2daf546

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
content-encoding
gzip
last-modified
Sat, 14 May 2022 23:12:43 GMT
server
nginx
etag
W/"6280376b-15b"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		105 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd3f30aace2746baa5c81ef4b2b93ae827c7a850ca6fee7b7632b084c7482f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32665
x-xss-protection
0
server
cafe
etag
653 / 19982 / 31087006 / config-hash: 6381089854016581128
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 16 Sep 2024 04:08:19 GMT
bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		163 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:1600:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae147bdedb062e34a025af585c79f80ebfe2b7e9ed99826f9192a78ddba677c3

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Ki__HoowC9rZCCaNFLMg1NpfAzRciW3x
content-encoding
br
via
1.1 b542963649ffc3f71c6540a2347be55a.cloudfront.net (CloudFront)
date
Sun, 15 Sep 2024 08:26:07 GMT
last-modified
Sat, 14 Sep 2024 08:20:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
70947
x-amz-server-side-encryption
AES256
etag
W/"b6f03953f1d17ff57faf6e817fac34fd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
pmbzGBFivk43PWbOisvKD8F32o9zCKGn6AUnYPTRMfsMJw1vaAVSnw==
bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:9000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
621d43bfeb282fd0946d684636203e8aff3f0718fcc6f87a9ea88e95e34a60ff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
xe1mZ4sNQKit9HVRAIMMR7dFwZFqVbIe
content-encoding
br
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 04:08:19 GMT
x-amz-cf-pop
FRA60-P6
age
38
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 14 Sep 2024 08:21:04 GMT
server
AmazonS3
etag
W/"9d264412194acacd8380aa483f044e2f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
BVFn255boW9--p9N1lzYrtKAfqbVstrZKwlvYDMWMMdJmmH5WWgRCw==
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1183
etag
W/"09282956186c8515ef0d208902803581"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8c3dfea4bd21363c-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Sep 2024 04:08:19 GMT
logo_sm.png
crooksandliars.com/sites/all/themes/cl_theme21/public/static/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/static/logo_sm.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
a89adf784f7d54cd1d3f7e34a7b3d200eaf57abcb3cd8f0e418a0462c7ecf19a

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
last-modified
Tue, 09 Nov 2021 02:27:37 GMT
server
nginx
etag
"6189dc99-acb"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2763
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_full.png
crooksandliars.com/sites/all/themes/cl_theme21/public/static/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/static/logo_full.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
e3bf4936fbf82a51c0dbd4b478287e19915d0c3dd2ef15d32042b360bd7365f6

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
last-modified
Tue, 09 Nov 2021 02:27:37 GMT
server
nginx
etag
"6189dc99-131c"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4892
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-2.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-2.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
cc7655087d146682067e37c47b2bff72ee86f6ed7a3702291642b502c123dfd2

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
last-modified
Tue, 09 Nov 2021 02:02:42 GMT
server
nginx
etag
"6189d6c2-f99"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3993
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-1186262e86fe5b4fd6.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-1186262e86fe5b4fd6.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
dfeb024869f39e050a86af6dc5e62f5acf773dc88c8a8a080ae0313cf68797ab

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
last-modified
Tue, 02 Aug 2022 00:30:08 GMT
server
nginx
etag
"62e87010-15c6"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5574
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-6283961fae23d5d9f5.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-6283961fae23d5d9f5.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
5161cc95c861a52ca114dba71188bcb827f4f9afaf97f75db65e572cd649289b

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
last-modified
Sun, 13 Aug 2023 15:20:51 GMT
server
nginx
etag
"64d8f4d3-1276"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4726
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-2964908eefa7356.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-2964908eefa7356.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
cff8e4f68f855d1dbafcc5ed6c37805ec82116dd7fd625c85fcd3bd022008964

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
last-modified
Mon, 19 Jun 2023 17:23:10 GMT
server
nginx
etag
"64908efe-16cd"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5837
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-91.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-91.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
0685687c82e970dc8176b9009f530d9de6aa9a1f39ace3634d216c578adaef23

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
last-modified
Tue, 09 Nov 2021 02:07:55 GMT
server
nginx
etag
"6189d7fb-f6f"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3951
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-8.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-8.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
c2d224ef3dff232e7c5fc3ad39f3a3d837ba465995d5066885249c1d2a7cae68

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Tue, 09 Nov 2021 13:00:47 GMT
server
nginx
etag
"618a70ff-12c5"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4805
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-7228.png
crooksandliars.com/files/imagecache/team_md/pictures/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-7228.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
3055cc01a20f40cc3601b08d75b37cdec4dbd9b58669e8b597bc14ab4fca18b5

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Tue, 09 Nov 2021 02:02:42 GMT
server
nginx
etag
"6189d6c2-50fe"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
20734
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-57017.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-57017.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
9efedf206218e4fb1cecd20e02aa0d7cfcb9c7402044bc1f8722d2fb95e425c6

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Sat, 18 Jun 2022 17:37:52 GMT
server
nginx
etag
"62ae0d70-1227"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4647
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-52899.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-52899.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
036be9796eef8ac45778fbc62ff46be10f3c6005fceb7c44ed49d0a8b4d62a02

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Tue, 09 Nov 2021 04:07:50 GMT
server
nginx
etag
"6189f416-e48"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3656
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-10811662ce0228f3a4d.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-10811662ce0228f3a4d.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
2046683f261337ea3f4244fb5d27741b6a1d9e2313ee202bea1cdf0f374001dc

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Tue, 02 Aug 2022 00:06:44 GMT
server
nginx
etag
"62e86a94-1494"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5268
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
defuserpicture.gif
crooksandliars.com/files/imagecache/team_md/pictures/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/defuserpicture.gif
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
2bb182e56056c786fad829d88c6218686e54b73f94bbaef51671ec03d96071ee

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Tue, 09 Nov 2021 01:55:57 GMT
server
nginx
etag
"6189d52d-10d2"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4306
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-29721.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-29721.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
7c21a6311bd9343da9c0cd779007eebbcff3d77cc9286125d5da26134bc0f32a

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Tue, 09 Nov 2021 18:23:05 GMT
server
nginx
etag
"618abc89-15e5"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5605
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-11261.png
crooksandliars.com/files/imagecache/team_md/pictures/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-11261.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
160cde24ba1ff1d2f48cb147e61a9835f9594092da1ea3cafed08e7c6aa43f41

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Wed, 27 Jul 2022 01:00:47 GMT
server
nginx
etag
"62e08e3f-3c69"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
15465
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-105053.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-105053.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
de0e585989b9cb68e60604e8f06bd3e95216a0aff1b1867a72a4cc6b9e112a9a

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Tue, 02 Aug 2022 00:25:11 GMT
server
nginx
etag
"62e86ee7-10cb"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4299
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
picture-8251864165469c1c68.jpg
crooksandliars.com/files/imagecache/team_md/pictures/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/team_md/pictures/picture-8251864165469c1c68.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
2d6a133b731b7012df588f194570780eaf10077357b41f7c6d419a8d48fd2261

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Sun, 19 Mar 2023 00:17:37 GMT
server
nginx
etag
"641654a1-1c72"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
7282
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootloader.js
static.newsmaxfeednetwork.com/web-clients/bootloaders/TdUGmQOcTfm6Or8W2H9nVT/ 		1 KB
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.newsmaxfeednetwork.com/web-clients/bootloaders/TdUGmQOcTfm6Or8W2H9nVT/bootloader.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.5.165.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-165-213.compute-1.amazonaws.com
Software
envoy / Express
Resource Hash
2e2f8485434c1dc7ba8426b78bcdcce5d13462028693bc1b749957ef88909763

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
gzip
server
envoy
x-powered-by
Express
etag
W/"58e-rpAHw0NpBBZ2yx67ykqppRQRbos"
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=300
x-envoy-upstream-service-time
3
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83eab0690a46e6481bbad2e36f64118da3b167c77ba77598fddfa889dee018a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Sep 2024 04:08:19 GMT
content-md5
1F0QmHsFmo/cAt9JJn/y2Q==
document-policy
force-load-at-top
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4453, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
67s2lNw/4oCGX3hjdB+0ks4fIQskYIMkTb8Vh8iLw2XNhX34OElZF23keez5hHWmK2dU3FCERk0WTl/RFDWCCA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
fc307756d40a5c70ad6d2faa82ed1d21
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"95c17e91e783d63a298c47845dbef238"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Mon, 16 Sep 2024 04:21:41 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B8E) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 04:08:20 GMT
Content-Encoding
gzip
Age
78
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (amb/6B8E)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
theme21.js
crooksandliars.com/sites/all/themes/cl_theme21/public/resources/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.js?v=003b06a5e1bb72e0f970
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
8af15646b18da3c584568f9e606fdb0e47f172cc241edeec5f6334c5afd3e081

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
content-encoding
gzip
last-modified
Tue, 17 May 2022 16:47:01 GMT
server
nginx
etag
W/"6283d185-2ab3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.plausible.js
crooksandliars.com/sites/all/modules/custom/cl_analytics/public/resources/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/modules/custom/cl_analytics/public/resources/analytics.plausible.js?v=d21e6856a25360ef33cc
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
e054996061a5469a34aee45729b79d33ddbbfa6dbf28b58eefe1a851872fc02a

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 00:10:37 GMT
server
nginx
etag
W/"61e756fd-c55"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
crooksandliars.min.js
global.proper.io/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/crooksandliars.min.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-100.fra60.r.cloudfront.net
Software
/
Resource Hash
036cc536d49295e353522a416481117c1ca225434bf41f877d6072dd5d0abced

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:04:36 GMT
content-encoding
br
via
1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront)
last-modified
Wed, 04 Sep 2024 16:00:22 GMT
x-amz-cf-pop
FRA60-P8
age
224
x-amzn-requestid
36398d86-f682-4d56-90da-6db3645059b0
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=300
x-amz-cf-id
_fyrnt8c-SLvB-aMkqXZZvvbN8QY9AvCo1GpcZWPJWhRJDYVSIajdg==
print.css
crooksandliars.com/sites/all/themes/cl_theme21/public/ 		0
192 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/print.css?3
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Tue, 09 Nov 2021 02:27:37 GMT
server
nginx
etag
"6189dc99-0"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
0
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
glisteningguide.com/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56678e2cda023fa75db6f56ff4c468cfd2ffb4d1dff25e0d14f7992876f892e0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
MISS
x-buildnumber
1433990761
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-europe-west1
etag
W/"dc978c4438b10fd167a2cb6e0a4e8588ff367375049207ad634a4260147c2e39"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-ffgg
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
cf-ray
8c3dfea53ba435ec-FRA
gtm.js
www.googletagmanager.com/ 		224 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-QXNM
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
def2eceb21c23f209b291c6684ac128a16d630da31597a69e84c6cb73ca793d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80166
x-xss-protection
0
last-modified
Mon, 16 Sep 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 16 Sep 2024 04:08:20 GMT
f7440d2f090b5788c86c.ttf
crooksandliars.com/sites/all/themes/cl_theme21/public/resources/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/f7440d2f090b5788c86c.ttf?p3phxz
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.css?v=003b06a5e1bb72e0f970
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
8c180d84a57f7e3bfec361c93d5334da2202bb7b3ceee66f0166957f6978931d

Request headers

Referer
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.css?v=003b06a5e1bb72e0f970
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Thu, 22 Dec 2022 14:18:32 GMT
server
nginx
etag
"63a46738-1060"
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4192
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
fnc_kurtz_dogs_1-720p_to_mov-0001-enhanced-sr.jpg
crooksandliars.com/files/imagecache/featured_650/primary_image/24/09/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/featured_650/primary_image/24/09/fnc_kurtz_dogs_1-720p_to_mov-0001-enhanced-sr.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
1310eac23d10ba13c1e7388c552fc52100d5892e65aec91ddde78d59f0eb299b

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Mon, 16 Sep 2024 02:01:07 GMT
server
nginx
etag
"66e79163-6bfa"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
27642
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
bartiromo_cotton_1-enhanced-sr.jpg
crooksandliars.com/files/imagecache/featured_650/primary_image/24/09/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/featured_650/primary_image/24/09/bartiromo_cotton_1-enhanced-sr.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
c7d1bc31be2ab930e06dee9af49acf8225399148a37cca2e1aebdd20bdab3683

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Sun, 15 Sep 2024 19:00:24 GMT
server
nginx
etag
"66e72ec8-87ea"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
34794
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
fnc_stiles_save_act_1-720p_to_mov-0001-enhanced-sr.jpg
crooksandliars.com/files/imagecache/featured_650/primary_image/24/09/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/featured_650/primary_image/24/09/fnc_stiles_save_act_1-720p_to_mov-0001-enhanced-sr.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
9e03460ddf51854065b5ed1042c94dbc35045da49373004a7e46abb5f746f35e

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Mon, 16 Sep 2024 00:00:42 GMT
server
nginx
etag
"66e7752a-784e"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
30798
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
62220.jpg
crooksandliars.com/files/imagecache/featured_650/embeds/2024/09/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/featured_650/embeds/2024/09/62220.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
004a8e6726c340c0fcea8a34ea5317d388772d237a718a9cc468598df63d1702

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Mon, 16 Sep 2024 03:01:13 GMT
server
nginx
etag
"66e79f79-7a7a"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
31354
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
screenshot_2024-09-15_022120.png
crooksandliars.com/files/imagecache/featured_650/primary_image/24/09/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/featured_650/primary_image/24/09/screenshot_2024-09-15_022120.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
60d7e6cb14bb5060b93acdf8f70b09136bc3e4b90918c79385975ee931613e3b

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Mon, 16 Sep 2024 01:01:41 GMT
server
nginx
etag
"66e78375-8e7d"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
36477
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
55653.jpg
crooksandliars.com/files/imagecache/featured_650/mediaposters/2024/09/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/featured_650/mediaposters/2024/09/55653.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
7d7af1f6c6027dcac278577529ae155182da451be8906544bb7ff680620749a1

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Sun, 15 Sep 2024 21:27:13 GMT
server
nginx
etag
"66e75131-af57"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
44887
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
5b03b132-0fc5-40d4-8fbc-731985f55a06.js
d3lcz8vpax4lo2.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3/ 		455 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3/5b03b132-0fc5-40d4-8fbc-731985f55a06.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:9000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee3e4b488dcaceabab3b95b91d4066a2d2496ddbdbd3d0c0002231fac2d9d4fc

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
aptGrF0bVCsM3gh6vHymOMW65UTBeUKm
content-encoding
br
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 01:21:55 GMT
x-amz-cf-pop
FRA60-P6
age
10254
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 08 Aug 2024 14:08:28 GMT
server
AmazonS3
etag
W/"3a95ec10199de38b2a8f4b8d238b600f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
6GXkSHblTK2YVNrgBcP2Zy3_f7ZT14bo0oF0LMM87cazogeVGdnIEQ==
5b03b132-0fc5-40d4-8fbc-731985f55a06-hb.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/ 		123 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/5b03b132-0fc5-40d4-8fbc-731985f55a06-hb.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:9000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cf75dc14a8eef40549a945c423a03fb9488250b4d9b0c6cc25ff0d4dbfbb86c

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
pp5chJg6wBYq8inCdfuefK0JMv7to467
content-encoding
br
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 04:08:19 GMT
x-amz-cf-pop
FRA60-P6
age
38
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 14 Sep 2024 08:21:00 GMT
server
AmazonS3
etag
W/"55e37f9b24b6c19ec0dd5d8980b50a78"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
m-kVJhiKdMSBLopr5BtTr84Gb9osOpaxrnErvHQC_Iif4WzgjMQP2Q==
5b03b132-0fc5-40d4-8fbc-731985f55a06-dmp.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/5b03b132-0fc5-40d4-8fbc-731985f55a06-dmp.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:9000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91c714817155d5ba88496036401939bfb04ce0af83178e4a0a57fa48ee0603ca

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
_sni9lX6mu8hFl1m53D800.oK9xDAnth
content-encoding
br
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 04:08:19 GMT
x-amz-cf-pop
FRA60-P6
age
38
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 14 Sep 2024 08:21:00 GMT
server
AmazonS3
etag
W/"25fb6026c4470ff5949c6941c0dcb451"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-id
kPXSsxv9DqyVnK8Aiz-E4bOTFHeKlISJbwQmv2F65oA4WkdU9Po_nw==
/
geoip.instiengage.com/json/ 		241 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.238.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-238-254.compute-1.amazonaws.com
Software
/
Resource Hash
f766489f29fd283b6ced293d10433d30f941dd81b298b6e603512d6c019390c5

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 16 Sep 2024 04:08:20 GMT
access-control-allow-credentials
true
x-database-date
Sun, 15 Sep 2024 08:02:42 GMT
content-length
241
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame 5534 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ac00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
90
cache-control
max-age=300
content-length
75
content-type
text/html
date
Mon, 16 Sep 2024 04:06:51 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Tue, 16 Jul 2024 12:05:16 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-id
MuDDiOJ0HHuLSxIPcndGNRCL6pacmMqdL3ctkJKHdaRuqbcphbh4CQ==
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
moPMP4k2cVXVdeI1Q.tOg6xtomkFE0ZD
x-cache
Hit from cloudfront
sdk.js
connect.facebook.net/en_US/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=bb8fc827f1e8746e19de2a35ff59d04d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef68fe54ada8977621ed05518392a25094ac3f58a83fbf3a6d340bb94247696b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Sep 2024 04:08:19 GMT
content-md5
DuyXt93yGCmJoljbM0Gg8Q==
document-policy
force-load-at-top
x-fb-server-load
62
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89219
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4409, tp=8, tpl=0, uplat=0, ullat=-1
x-fb-debug
jovjAXF5KTzUwUG60hX21saVc+tOjObpqwombY9Ohefg0mYbtPyXmGzNYsHxDx3ly1wvvUz/SsMpXfrZiERxPw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
cc721cfc681fa3e739bc716034fd8600
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"e159563b174f453a3a23394addbc5414"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 16 Sep 2025 03:19:37 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2411
etag
W/"7e91359b46e1da637080a03b759164fa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8c3dfea4dd3f363c-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Sep 2024 04:08:19 GMT
event
event.insticator.com/v1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/5b03b132-0fc5-40d4-8fbc-731985f55a06-dmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.73.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-73-182.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 16 Sep 2024 04:08:20 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.73.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-73-182.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://crooksandliars.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://crooksandliars.com
access-control-max-age
3600
content-length
0
date
Mon, 16 Sep 2024 04:08:20 GMT
vary
Origin
tag
btloader.com/ 		85 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=4879373895204864&upapi=true
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/5b03b132-0fc5-40d4-8fbc-731985f55a06-hb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73d198eec600bf9510e50046186bc60fdef27ffff5b5d10e31854e0f0492c314

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 16 Sep 2024 03:26:36 GMT
server
cloudflare
age
2451
etag
"720f720e4606b7928d8492616d89ef5a"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
x-robots-tag
noindex, nofollow
cf-ray
8c3dfea54e019b5d-FRA
content-length
26466
/
geoip.insticator.com/json/ 		241 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/5b03b132-0fc5-40d4-8fbc-731985f55a06-hb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.207.73.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-207-73-182.compute-1.amazonaws.com
Software
/
Resource Hash
f766489f29fd283b6ced293d10433d30f941dd81b298b6e603512d6c019390c5

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 16 Sep 2024 04:08:20 GMT
access-control-allow-credentials
true
x-database-date
Mon, 16 Sep 2024 02:18:29 GMT
content-length
241
vary
Origin
content-type
application/json
5b03b132-0fc5-40d4-8fbc-731985f55a06.js
d3lcz8vpax4lo2.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3/ 		455 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3/5b03b132-0fc5-40d4-8fbc-731985f55a06.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/5b03b132-0fc5-40d4-8fbc-731985f55a06-hb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:9000:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee3e4b488dcaceabab3b95b91d4066a2d2496ddbdbd3d0c0002231fac2d9d4fc

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
aptGrF0bVCsM3gh6vHymOMW65UTBeUKm
content-encoding
br
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
date
Mon, 16 Sep 2024 01:21:55 GMT
x-amz-cf-pop
FRA60-P6
age
10254
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 08 Aug 2024 14:08:28 GMT
server
AmazonS3
etag
W/"3a95ec10199de38b2a8f4b8d238b600f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
6GXkSHblTK2YVNrgBcP2Zy3_f7ZT14bo0oF0LMM87cazogeVGdnIEQ==
config.js
cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		129 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/5b03b132-0fc5-40d4-8fbc-731985f55a06-hb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adf4c837e06903430b427e34ed4aaf493adc435b331cf8003a201f71daa5e5a1

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
VNNA8WQZT5M8FNZ1
age
134
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
28333
x-amz-id-2
9ziWQfiEnB0gu+uPolbJUpbHl0CDHmXeFQeNGVNF27Q49NkShDOCvRKRPCHuwcwBhJJS1gWk5wo=
last-modified
Mon, 16 Sep 2024 04:02:27 GMT
server
cloudflare
etag
"a59cfa85781ed9d588fd56cba3e32947"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
cf-ray
8c3dfea53b85d376-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/ 		480 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/pubads_impl.js?cb=31087006
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d72bb9bb78332c65fa76e41498792ef6a1b87f65fdd702e39758d6501d57a45c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 14:24:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
49442
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153463
x-xss-protection
0
server
cafe
etag
8412016981113913088
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 15 Sep 2025 14:24:18 GMT
web
onesignal.com/api/v1/sync/6e53e4f0-debb-4365-bdbe-2806cd20ee52/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/6e53e4f0-debb-4365-bdbe-2806cd20ee52/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6354deae735c3989483d185d09f73115648e1551d671dee0a947308b61623f17
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
381
cf-polished
origSize=5522
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
733d28bb-e0c8-4a35-969a-67cc8cb330a2
x-runtime
0.035015
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"18c2e2a993bb588b90cf4b2d4ace86fe"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8c3dfea59dd8d3b9-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 16 Sep 2024 05:08:20 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202408281111/ 		297 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202408281111/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2626696382e9b963bbb2163ce47381c09359af9dea37965a9303b6ae1c1834

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
SSQWYQF98F3B57JY
age
1595602
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
107889
x-amz-id-2
F1OjrNoQMwSws0ydvQ2A1lneLz//82TWQ3/21OKMo9E3wC5VUUasTl/xBoTigNVTXi9hoROIpWY=
last-modified
Wed, 28 Aug 2024 15:18:26 GMT
server
cloudflare
etag
"4bba3a5ce05019f13906b73afe3a64fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8c3dfea5ac51d376-FRA
px.gif
ad-delivery.net/ 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2553409
x-guploader-uploadid
ABPtcPqRtnRhbEjR725uVT1Yizf1XtfvDbBWoyIkpVjboRSmpGBLY2bXWXB9v_YhC8s4Mtbu9MUNtSfBrA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccn4p7oJWTbCBkidfmOgIWksBF9%2BHoQxnNPnLyw5iEmuTdiDqPgQYOiA1sKi%2FGwL6w2IQKPNIYPuzWumKFh8SBiWM1j9xE4%2FUBp66E4dIa%2FML2fPMM78fMe5G9uV1IyiWm%2Bo7tzom4xRqkcSYw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8c3dfea5ca49193c-FRA
expires
Sat, 17 Aug 2024 15:14:46 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 06:50:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76699
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Sep 2024 06:50:01 GMT
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.8892384443685806
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2553409
x-guploader-uploadid
ABPtcPqRtnRhbEjR725uVT1Yizf1XtfvDbBWoyIkpVjboRSmpGBLY2bXWXB9v_YhC8s4Mtbu9MUNtSfBrA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MM6Q1BIvPWfi%2FsmBViUCwyT8ByIrUycgvNQRgW%2FqS0OSPLQbKEvhdly1%2FeDPyhnwMZNsCyBmrFl37CXDnoXI45MxMtAi3loTFdl2ef53hPNqt1sRc0mM%2BbyzvAxPdMBnAJaRZY56J90uodNByQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8c3dfea5ca46193c-FRA
expires
Sat, 17 Aug 2024 15:14:46 GMT
js
www.googletagmanager.com/gtag/ 		292 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MBSB7S97P1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2640119-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2014f4c968c15546e5f734704f0cc98151f3de2eb9118a5930e326f8bbb7b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101215
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 16 Sep 2024 04:08:20 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2640119-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Sep 2024 04:02:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
376
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 16 Sep 2024 06:02:04 GMT
event
tr.crooksandliars.com/api/ 		2 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tr.crooksandliars.com/api/event
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/sites/all/modules/custom/cl_analytics/public/resources/analytics.plausible.js?v=d21e6856a25360ef33cc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
server
nginx
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
2
x-request-id
F_Wd80wqh_XQyEUdh4bB
infolinks_main.js
resources.infolinks.com/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf2f11a5ecde99dae998a54cf3be6c60478903612ae2cf76b395f7accd9d657

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Sep 2024 07:46:33 GMT
server
cloudflare
age
1234
etag
W/"1092-621e74e2ec89c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8c3dfea5ec3d65d4-FRA
expires
Mon, 16 Sep 2024 04:47:46 GMT
i.js
tag.bounceexchange.com/3601/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/3601/i.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
19aa071845d2515d70a65288ab1531b2b59b4d398c73a16c3aa30ca9963f0848

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:01:58 GMT
content-encoding
gzip
x-envoy-decorator-operation
tag-router.tag-router.svc.cluster.local:80/*
via
1.1 google
age
382
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1901
server
istio-envoy
etag
8a71e5197f91ba
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
1010624
fundingchoicesmessages.google.com/i/ 		208 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/1010624?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409110101/pubads_impl.js?cb=31087006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5380dd60a797b5f7b20912834018f60e741fd7233bfb1b2fe5bf79737e4e0b2f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iISrBbEcthAYYqfveRCv3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-iISrBbEcthAYYqfveRCv3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6EEt8fcmkBsRO6TNYA4C49eY51slAnPTvPGsBELtrXWT1B-IlERdZDyReZDVUuMRqD8SqPZdYjYH4_rpLrM-BeO_HS6xHgbhI4gprAxALcXNsuTdvO5vAgl0PopQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDCwNjfQMTOMLDAD1GkFL"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
latest.js
global.proper.io/payloads/ 		622 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/crooksandliars.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-100.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3682ce850eb37d9c7692129c5bb2df91e13d1dbb91cd6e3a6f0cf04f0c62c942

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 14:39:12 GMT
content-encoding
br
via
1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront)
last-modified
Thu, 12 Sep 2024 16:09:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
48549
etag
W/"39dfab4eafaedc7517425f8be740bc5b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
1YxWNSXypPFboSl84s2aqwB76jLBH8UbHw3XkADQzsmL5qbDGO0N6Q==
px.gif
abcheck.proper.io/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=1&rn=7.438612295958791
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 00:30:32 GMT
via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
13071
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
842
x-amz-cf-id
SkRKAhi6jCS1FFB_VwGZMZzw_hT89CgnBCBqch4w6-Xh5ZJfCGIyiQ==
px.gif
abcheck.proper.io/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=2&rn=7.438612295958791
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 00:30:32 GMT
via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
13071
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
842
x-amz-cf-id
iOYJveh2WJHDLXL0vMBwpQAXd2b12UVUJgCBJ-8OS1QVFO4FAX0cSA==
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?service=ad&adid=bdfme&adnum=173472
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 10:57:05 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
61875
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
LCVsNViuAcnKwdqlcQ62ifbCFF8MsJBDA7FVFAC8BJDOw6HPOmI72Q==
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame A4F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fcrooksandliars.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB9) /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
15127492
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Mon, 16 Sep 2024 04:08:20 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BB9)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
country
api.btloader.com/ 		37 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=4879373895204864
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=4879373895204864&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=91F1aQ7T&w=4907695571730432&o=4879373895204864&cv=2.1.53-2-g9f547cd&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato&sid=4CwVldsxcA&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=4879373895204864&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 16 Sep 2024 04:08:20 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2056600757&t=pageview&_s=1&dl=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato&ul=de-de&de=UTF-8&dt=Our%20Team%20%7C%20Crooks%20and%20Liars&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1247311827&gjid=1740098990&cid=1893553979.1726459700&tid=UA-2640119-1&_gid=1365662621.1726459700&_r=1&gtm=457e4990za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&cd5=team%2Fjohn%2F-amato&jsscut=1&npa=1&z=2135902936
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 04:08:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ice.js
resources.infolinks.com/js/1944.014-4.010/ 		192 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1944.014-4.010/ice.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d69760be287d1e9365ec5c512978eef33ff2134de1dd2bf425de5ccdd24b997

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Sep 2024 12:21:40 GMT
server
cloudflare
age
12223
etag
W/"2fe37-621d7083bd1c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8c3dfea66c8665d4-FRA
expires
Wed, 16 Oct 2024 00:44:37 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MBSB7S97P1&gtm=45je4990v886290966za200&_p=1726459699937&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1893553979.1726459700&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726459700&sct=1&seg=0&dl=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato&dt=Our%20Team%20%7C%20Crooks%20and%20Liars&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1305
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MBSB7S97P1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 04:08:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MBSB7S97P1&cid=1893553979.1726459700&gtm=45je4990v886290966za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MBSB7S97P1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 04:08:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MBSB7S97P1&cid=1893553979.1726459700&gtm=45je4990v886290966za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=415108047
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 04:08:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
gzip
etag
"tIg8n6xaLBY4WwNLLw9OGA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 23 Sep 2024 04:08:20 GMT
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.96.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-96-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 16 Sep 2024 04:08:20 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		908 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_c81e76ee00d795b1eebf8d27949f8dc5.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3601/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
546e554a3c51ce180d022de9ff5506f14603b38d40ece9f2be43c88328358a52

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 20:50:40 GMT
content-encoding
br
ad-auction-allowed
true
age
544660
x-guploader-uploadid
AD-8ljv653H8H6eJk5vMvYgEgVWU7DKNUGcde-a4zr1Y21N7XwaknHkGHd2ZWyNS5WEyXgzaKUQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
509
last-modified
Mon, 09 Sep 2024 20:50:37 GMT
server
UploadServer
etag
"1c2c5753dfb57640a8ba54f111934b30"
x-goog-generation
1725915037857422
x-goog-hash
crc32c=zwy9lg==, md5=HCxXU9+1dkCoulTxEZNLMA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
509
accept-ranges
bytes
content-type
text/javascript
AGSKWxWb23vb1-iJL7JFN6b_8sWcQ2z6DeLIgoepGT3cGEOxC92_xTozoKIjQ_gbZ8F2T9Kl0qlq6CUOCX0rjDrIVWtgEUR_NshCcgOBh8iEC_YhISsHTnA1imToH1sL54K5_PjY6-6wag==
fundingchoicesmessages.google.com/f/ 		404 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWb23vb1-iJL7JFN6b_8sWcQ2z6DeLIgoepGT3cGEOxC92_xTozoKIjQ_gbZ8F2T9Kl0qlq6CUOCX0rjDrIVWtgEUR_NshCcgOBh8iEC_YhISsHTnA1imToH1sL54K5_PjY6-6wag==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI2NDU5NzAwLDMzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jcm9va3NhbmRsaWFycy5jb20vL3RlYW0vL2pvaG4vLWFtYXRvIixudWxsLFtbOCwiZ1Q2X0pJdlZxdEEiXSxbOSwiZGUiXSxbMjAsIltudWxsLG51bGwsWzk1MzQwMjUwXSxudWxsLDE0XSJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gT6_JIvVqtA.es5.O/am=KBg/d=1/rs=AJlcJMwRpqh1JG3EKV2wxWctSdZmYHrOrA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2431f9d129bc3eadcc0a6b829cbeeffcdbe4374b4d08317bbb51f1db5fa4ec3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W6Sq0JhMBf1ntOoHMWWl6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-W6Sq0JhMBf1ntOoHMWWl6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII0pBiOHHrNtMFID7vdIfpOhBLfH3JpAbETukzWAOAuPXmOdbJQJz07zxrARC7a11k9QfiJREXWQ8kXmQ1VLjEag_Eqj2XWI2B-P66S6zPgXjvx0usR4G4SOIKawMQC_FwbLk3bzubwIGfN3cxKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYWBoa6RmYxhcYAAB0QEce"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
manage
router.infolinks.com/usync/ Frame 6BF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1944.014-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c3dfea78da6656b-AMS
content-length
0
date
Mon, 16 Sep 2024 04:08:20 GMT
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		0
43 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1944.014-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8c3dfea74d2365d4-FRA
content-length
0
gsd
router.infolinks.com/ 		319 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3325427&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato&jsv=1944.014-4.010&_cb=17264597003560
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1944.014-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d916dbd80771d9244ae09a56803a75407428c08a0eba3fa3410964abbf1d066a

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 04:08:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
8c3dfea74d2465d4-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 03:30:37 GMT
content-encoding
gzip
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2263
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 14 Oct 2022 00:52:56 GMT
server
AmazonS3
etag
W/"bc35b7c476efec25f5c48ba8fb7b9906"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
LVbJihW_-BTFgfk_oLtzOSNjLIMpE_JOp-XuFiODtdZP6t2CGzZzuA==
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:6fdf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2206
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8c3dfea75872d3b9-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 16 Oct 2024 04:08:20 GMT
main-v2_9d211eb186177a1005c747735de6140a.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		514 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_9d211eb186177a1005c747735de6140a.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3601/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2aa7d34f035906f4d5039227e2d40c1d5d2863794f1e042a8a20e13a1b16dd30

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 13:25:10 GMT
content-encoding
br
ad-auction-allowed
true
age
225790
x-guploader-uploadid
AD-8ljszX0rd1VrTGKguvLb7L01uOr4vfA19J-fOfCVS0K59UwMqysK3hjhaaL4L1HEGyDEiQClJkhLCnA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114633
last-modified
Fri, 13 Sep 2024 13:24:58 GMT
server
UploadServer
etag
"86660a498dc1afb96826e43f2316a91e"
x-goog-generation
1726233898916550
x-goog-hash
crc32c=6nl7zg==, md5=hmYKSY3Br7loJuQ/IxapHg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
114633
accept-ranges
bytes
content-type
text/javascript
onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_abbdf7a49be9b52b097917b7b527b262.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_9d211eb186177a1005c747735de6140a.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a8b68b46f44aac34f59d2926e8db6bdae4bc3b7fe3aad60948e97f428b087531

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 15:06:47 GMT
content-encoding
br
ad-auction-allowed
true
age
478893
x-guploader-uploadid
AD-8ljs3a7MDtQunl00QIXljKUZRQmopFsHgKSnf_eLHvQkKH7j0N149g89b3RGMxvHTjE7fLfs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5039
last-modified
Mon, 09 Sep 2024 20:50:29 GMT
server
UploadServer
etag
"13eb7a6c2a8c85bdca9cba840b00db2c"
x-goog-generation
1725915029715220
x-goog-hash
crc32c=YWhgXQ==, md5=E+t6bCqMhb3KnLqECwDbLA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
5039
accept-ranges
bytes
content-type
text/javascript
ads-v2_005ab6b05ecd8ae76686b26c919990d4.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		165 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_005ab6b05ecd8ae76686b26c919990d4.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_9d211eb186177a1005c747735de6140a.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
28460b0249f720da5a2c3dc54e26ee895e6611c4ba71eca598e0e3124b9e866f

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 16:48:14 GMT
content-encoding
br
ad-auction-allowed
true
age
300006
x-guploader-uploadid
AD-8ljtW6tWl-y2_udIRhK7Bh59c2ygI6_mwvVrWnL_m3GvEOil4pCpWUedyqNBj8y546Ax6xBw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37889
last-modified
Wed, 11 Sep 2024 16:09:00 GMT
server
UploadServer
etag
"48fe2805c5d6f274d92851152a4a02a1"
x-goog-generation
1726070940633643
x-goog-hash
crc32c=BD5Lfw==, md5=SP4oBcXW8nTZKFEVKkoCoQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
37889
accept-ranges
bytes
content-type
text/javascript
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gT6_JIvVqtA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzGPo4wpIwb-fU41USyPNoi4itpjg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd3090687e1d99f2bf2ec597b58d68f93ef721f6be2faf30f4dbbe76160781b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Sep 2024 04:08:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Sep 2024 04:08:20 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 00:52:45 GMT
x-content-type-options
nosniff
age
184535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Sep 2025 00:52:45 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 11:41:59 GMT
x-content-type-options
nosniff
age
491181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 11:41:59 GMT
AGSKWxUZ9lfBeLQKO453_HDgk3wyhOpz7wdnroKSdlvmuJtLN9ZYZTJkrgLFws9TAPLSspjePkc9RIV5hrphvwH1ld6KMva6kD4F2lvCFww1YDaCN2oC5b__p5PfG1s6m-dnCc7Qd_GNdg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUZ9lfBeLQKO453_HDgk3wyhOpz7wdnroKSdlvmuJtLN9ZYZTJkrgLFws9TAPLSspjePkc9RIV5hrphvwH1ld6KMva6kD4F2lvCFww1YDaCN2oC5b__p5PfG1s6m-dnCc7Qd_GNdg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gT6_JIvVqtA.es5.O/am=KBg/d=1/rs=AJlcJMwRpqh1JG3EKV2wxWctSdZmYHrOrA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z-_MWWiKAfw7wfN-AqFTwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-Z-_MWWiKAfw7wfN-AqFTwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDi23Ju3nU1gx_cHPxmVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBpaGRnoF5fIEBAJRgLuc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUZ9lfBeLQKO453_HDgk3wyhOpz7wdnroKSdlvmuJtLN9ZYZTJkrgLFws9TAPLSspjePkc9RIV5hrphvwH1ld6KMva6kD4F2lvCFww1YDaCN2oC5b__p5PfG1s6m-dnCc7Qd_GNdg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUZ9lfBeLQKO453_HDgk3wyhOpz7wdnroKSdlvmuJtLN9ZYZTJkrgLFws9TAPLSspjePkc9RIV5hrphvwH1ld6KMva6kD4F2lvCFww1YDaCN2oC5b__p5PfG1s6m-dnCc7Qd_GNdg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gT6_JIvVqtA.es5.O/am=KBg/d=1/rs=AJlcJMwRpqh1JG3EKV2wxWctSdZmYHrOrA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5mDGnHc3ELH5296rxgaqWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-5mDGnHc3ELH5296rxgaqWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDi23Ju3nU1gwrXlvxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBpaGRnoF5fIEBAHEFLmo"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
jquery-3.7.1.min.js
assets.bounceexchange.com/assets/bounce/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_9d211eb186177a1005c747735de6140a.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 21:03:24 GMT
content-encoding
br
ad-auction-allowed
true
age
198296
x-guploader-uploadid
AD-8ljtPzleVbvgA0SQvfCzrxTWELmfrBB1JcCt5_uaZTKXelEAAbrSLnehC9p33ormo60kIWTQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31010
last-modified
Fri, 13 Sep 2024 13:24:36 GMT
server
UploadServer
etag
W/"2c872dbe60f4ba70fb85356113d8b35e"
vary
Accept-Encoding
x-goog-generation
1726233876530721
x-goog-hash
crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
87533
accept-ranges
none
content-type
text/javascript; charset=UTF-8
doq.htm
rt3010.infolinks.com/action/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3010.infolinks.com/action/doq.htm?pcode=utf-8&r=17264597005311
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1944.014-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c1d7658e8d878bd510950e3f3a67f98261bfc05b0e5087c5c0aeef4579a4fa1

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
de-DE
cf-ray
8c3dfea89f4a929c-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
delivery.js
assets.newsmaxwidget.com/master/ 		159 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.newsmaxwidget.com/master/delivery.js
Requested by
Host: static.newsmaxfeednetwork.com
URL: https://static.newsmaxfeednetwork.com/web-clients/bootloaders/TdUGmQOcTfm6Or8W2H9nVT/bootloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-18.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1760bb9355d5a32c6b3d48ecf53dcfedeca08516b0b921682e9d0ce55ce74b26

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 16:43:45 GMT
content-encoding
br
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
last-modified
Fri, 13 Sep 2024 16:40:01 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
age
52657
x-amz-server-side-encryption
AES256
etag
W/"b00e2c9578a737dff7b6f33e21f10832"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
uFqASil6puAGoLsfAJkgNAEvwmjEN9jFrvRKfWK0osIOifNb3_pFnA==
generic
trends.newsmaxwidget.com/event/ 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.newsmaxwidget.com/event/generic?t=e0BexIGnHI9%2BpNjG49wkYEyVM4y3BQNxwkTNY7a7dgvvBvz6%2FYgrimsvlkxxk7S%2BA%2FaojW3WOF3%2FGbHkr3qzjPKHxbgzvCAowRUaLS4dKWY%3D&e=adapty&s[ref]=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato&s[hash]=TdUGmQOcTfm6Or8W2H9nVT
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com//team//john/-amato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.195.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-195-79.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-rc-region
eu-west-1c
date
Mon, 16 Sep 2024 04:08:20 GMT
strict-transport-security
max-age=931536000; includeSubDomains
x-envoy-upstream-service-time
5
server
envoy
content-length
0
vary
Origin
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.28.88.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-88-244.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=102126
accept-ranges
bytes
content-length
68444
expires
Tue, 17 Sep 2024 08:30:26 GMT
counter.js
soapps.net/live/loader/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/counter.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.js?v=003b06a5e1bb72e0f970
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.11.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-11-30.compute-1.amazonaws.com
Software
/
Resource Hash
30bf607ef33c013829ed5a1d387208c951ea941767cb2a1df7a4e0b6aa1556ff
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 04:08:21 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 03 Apr 2024 11:38:04 GMT
ETag
W/"660d3f9c-6001"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=300
Connection
keep-alive
favicon.ico
crooksandliars.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
d4fd8064307c2928ab571b6bed4556949a9b873501b9fce4d0314524810db5cf

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
last-modified
Tue, 09 Nov 2021 02:27:36 GMT
server
nginx
etag
"6189dc98-47e"
content-type
image/x-icon
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1150
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
in_search.js
resources.infolinks.com/js/1944.014-4.010/ 		235 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1944.014-4.010/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1944.014-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b251749e04ba1d0a4dcd53781ebf83415823829c9f36ee5102372f98ab40d8a2

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Sep 2024 12:21:40 GMT
server
cloudflare
age
11600
etag
W/"3aaea-621d7083bd1c3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
8c3dfeaabf3965d4-FRA
expires
Wed, 16 Oct 2024 00:55:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		421 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1944.014-4.010/ice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f23d794de0666d3cc3f739695e8993baa22cc4f761f71cb5f88e42ce431cf3a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147237
x-xss-protection
0
expires
Mon, 16 Sep 2024 04:08:20 GMT
container-4.0.html
resources.infolinks.com/static/ Frame 5358 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/static/container-4.0.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1944.014-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
5603
cache-control
max-age=2592000
cf-cache-status
HIT
cf-ray
8c3dfeaacff6656b-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 16 Sep 2024 04:08:20 GMT
expires
Wed, 16 Oct 2024 02:34:57 GMT
last-modified
Mon, 18 Dec 2023 15:25:02 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
getads.htm
rt3010.infolinks.com/action/ 		572 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3010.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22news%22%2C%22scs%22%3A%22X-SS_687YI%22%7D%5D&rid=b248c2b8-757d-4a1d-8289-0a05ea894341&jsv=1944.014-4.010&sr=1600X1200&rts=1726459700939&cfv=-1&cb=getAdsResponse&os=Linux&ov=x86_64&br=Chrome&bv=128.0.0.0&dv=p&ce=t&purl=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato&tzo=%2B0200&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=vqgkwr5eA6gEKuaeVBxBJ6jX7H2hLQOdBs2aI-pPfiEmQ6mqCXrSfty4LgnG1VQRCw5ktJjDoV-lCrjPChKPv9S76tkljgNWS1PoctZNqxY4ioibURjs6NZz2gJ-5OX2kt7m75bg-LOvGWfJwDXoGdxRXGI7a0FQ&rsk=21&rcs=7Zn1crHEKq46S239Wfcx8Q&cuid=e42d9993-6226-4323-890b-e4bfd244e581&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1944.014-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e13fa37c7fde570bff32dd3e9e2b835c5834ea6b7d2db8e5c9eb41520419c15

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 04:08:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
8c3dfeaaef5365d4-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		725 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9c8d838d58c2d809550dedb481f8548a10ff3c2b7a379d25cd37cc935584e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
179
x-xss-protection
0
expires
Mon, 16 Sep 2024 04:08:21 GMT
favicon.ico
crooksandliars.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/favicon.ico?e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
d4fd8064307c2928ab571b6bed4556949a9b873501b9fce4d0314524810db5cf

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:21 GMT
last-modified
Tue, 09 Nov 2021 02:27:36 GMT
server
nginx
etag
"6189dc98-47e"
content-type
image/x-icon
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1150
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
trends.newsmaxwidget.com/api/demand/ 		54 B
316 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/api/demand/?w=167087&us_privacy=1---&wlw=newsmaxwidget.com
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.195.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-195-79.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-rc-region
eu-west-1c
date
Mon, 16 Sep 2024 04:08:21 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
content-length
54
/
trends.newsmaxwidget.com/api/delivery/ 		18 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/api/delivery/?is_blocked=undefined&w=167087&width=1600&us_privacy=1---&rev_allow_cookies=0&site_url=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato&icr_url=&va=0&user_uuid=undefined&time=1726459701082&up=pc&bn=chrome&bv=128&widget_width=300&style_id=0&an=false&mr=false
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.195.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-195-79.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
fa48dd40b2dcee168d499fcb4b7332442d43fc2a5beb983cb48575a85b05cd9b
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-rc-region
eu-west-1c
date
Mon, 16 Sep 2024 04:08:21 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
84
impression
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/impression
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.195.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-195-79.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region
eu-west-1c
date
Mon, 16 Sep 2024 04:08:21 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
defaultWidget~feedWidget.fc0759b5.delivery.js
assets.revcontent.com/master/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.fc0759b5.delivery.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c42fe8b25d562fb8a997b6b46e32c6d95d0c8d541e5a801b630b2f846fabf38

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 16:40:05 GMT
content-encoding
br
via
1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
last-modified
Fri, 13 Sep 2024 16:40:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
41297
x-amz-server-side-encryption
AES256
etag
W/"fd80945f9733ec4f10d317a3124a1d4e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
_IK75TG8QqBFL40tE5jXszMlvloPJ3XTk1lyJQqc28rack774KVeYA==
defaultWidget.fc0759b5.delivery.js
assets.revcontent.com/master/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget.fc0759b5.delivery.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-77.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fa5deb87fcd2378185227321ae20ce283f190455da484428fe964250e7bce59

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 16:40:13 GMT
content-encoding
gzip
via
1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
last-modified
Fri, 13 Sep 2024 16:40:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
41297
x-amz-server-side-encryption
AES256
etag
W/"73256e1256a6260b764c62fe4a204400"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
wdFv1Dd0rQp8sLd8dtAsXUXgmo8djQbGUbvCGmvg9tlGuppWEy58vw==
/
img.revcontent.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-81.fra56.r.cloudfront.net
Software
envoy /
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Wed, 04 Oct 2023 06:35:00 GMT
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 15:43:57 GMT
server
envoy
x-amz-cf-pop
FRA56-P2
age
30058401
etag
"a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
x-cache
Hit from cloudfront
content-type
image/png
x-envoy-upstream-service-time
60
alt-svc
h3=":443"; ma=86400
content-length
1351
x-amz-cf-id
j5fySpWSlW96sdddvnR0ROMz921y5C-ZiJ3C_dL91whM5lpHMXM1-A==
adview.htm
rt3010.infolinks.com/action/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3010.infolinks.com/action/adview.htm?rid=b248c2b8-757d-4a1d-8289-0a05ea894341&bdc=1&midx=0&emd=NTd-bnVsbF9ibG9vbWluZ2RhbGVzXzcyOHg5MA&rts=1726459701247&prod_t=d&jsv=1944.014-4.010&skin=sidebar&theme=nologo&sdata=news&scs=X-SS_687YI&rsd=vqgkwr5eA6gEKuaeVBxBJ6jX7H2hLQOdBs2aI-pPfiEmQ6mqCXrSfty4LgnG1VQRCw5ktJjDoV-lCrjPChKPv9S76tkljgNWS1PoctZNqxY4ioibURjs6NZz2gJ-5OX2kt7m75bg-LOvGWfJwDXoGdxRXGI7a0FQ&rsk=21&rcs=7Zn1crHEKq46S239Wfcx8Q
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1944.014-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 04:08:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
8c3dfeacd8c8929c-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
bloomingdales_728x90.jpg
resources.infolinks.com/static/brands/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.infolinks.com/static/brands/bloomingdales_728x90.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a688d9d2a0809d848b6879524e5048bb07a91c0c3199666713b2c10e281332bb

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:21 GMT
via
1.1 google
cf-cache-status
HIT
age
13167
cf-polished
qual=85, origFmt=jpeg, origSize=20330
content-disposition
inline; filename="bloomingdales_728x90.webp"
content-length
10300
cf-bgj
imgq:85,h2pri
last-modified
Mon, 20 Mar 2023 11:30:07 GMT
server
cloudflare
etag
"4f6a-5f7533fc23200"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8c3dfeacd89a65d4-FRA
expires
Wed, 16 Oct 2024 00:28:54 GMT
truncated
/ 		264 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b65c00692ce0f52849d6ee9cf5678d4f0932099cdd577ed2ce18ab3d2d6d7f9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
66e1acbe627a72-42893429.webp
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/66e1acbe627a72-42893429.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-103.fra56.r.cloudfront.net
Software
cloudflare /
Resource Hash
1e966b3a92ed853593dcb85ceafe15eb26fcfcc617e810071a8fae39262b04c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 12 Sep 2024 00:46:28 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
357713
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11660
x-request-id
ffb2447cd4b1e4d59e163a057c707244
last-modified
Thu, 12 Sep 2024 00:42:20 GMT
server
cloudflare
etag
"a47c8e0ebd2960d26e31fcc15aa60a23"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8c1be1719b9f5b53-IAD
timing-allow-origin
*
x-amz-cf-id
JgWJJoVfVISgwtAud0l0DQvZa11Gz7Qrah8Og0y_iktC20plGd4JUA==
6685d2a3986e22-71827927.png
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/6685d2a3986e22-71827927.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-103.fra56.r.cloudfront.net
Software
cloudflare /
Resource Hash
00c830df4c404e5066964b33b15c650db94c260b14070b16102a5cec56434e73
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Wed, 11 Sep 2024 05:39:53 GMT
x-content-type-options
nosniff
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
426508
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11070
x-request-id
bd57214c39a2ca9e09dd454461a8f037
last-modified
Mon, 02 Sep 2024 09:32:51 GMT
server
cloudflare
etag
"f072a756a4cd2544db888e95797f5053"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8bdb85c4fe1d72e7-IAD
timing-allow-origin
*
x-amz-cf-id
bvn9AyOlt2X8eOlhz4vRMlOvvz1ctqtuAykgdzL-ySnJuOZdp8EiBw==
6685a8651515f0-96299796.png
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/6685a8651515f0-96299796.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-103.fra56.r.cloudfront.net
Software
cloudflare /
Resource Hash
15ec6e1dfd817eb5d24b6f08df735f9ad28313614eb9377d5a18c4d9d0934130
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Wed, 11 Sep 2024 12:00:26 GMT
x-content-type-options
nosniff
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
493705
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
14634
x-request-id
377493c05a28074bfac9273a8a29c974
last-modified
Wed, 04 Sep 2024 07:28:11 GMT
server
cloudflare
etag
"37c998404e3f7b3a308ee9aebe0b0db8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8bddc5ee58db081e-IAD
timing-allow-origin
*
x-amz-cf-id
wRY_NrDuRxe2CNdD97wPAz36VsCGoIqt4KbB1O98J-NLq5pmb7Ck9Q==
6660e6813b8a15-45159596.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/6660e6813b8a15-45159596.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-103.fra56.r.cloudfront.net
Software
cloudflare /
Resource Hash
205473ccfbbc1032b7104ee7947496a94b2d46e7aac524cc0f14e552a735b897
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sat, 14 Sep 2024 13:40:42 GMT
x-content-type-options
nosniff
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
164440
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
7981
x-request-id
024d4922431fa10027932cb7b0de80e1
last-modified
Sat, 07 Sep 2024 00:50:44 GMT
server
cloudflare
etag
"fd95c14f117dd42a1343a23953d8390f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8bf6ea3ecd9605ab-IAD
timing-allow-origin
*
x-amz-cf-id
ie7GclwZ_hOfVA6FttMkA1fYcFuHA6VmbzbEO_2CdPDwPeKpewhX0A==
665f80ccc35732-82250873.png
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/665f80ccc35732-82250873.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-103.fra56.r.cloudfront.net
Software
cloudflare /
Resource Hash
21408c20e75e6a84b71c3f4cb787bc34dac7db28a34bbc34db24856141770e48
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 10:59:56 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
493705
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
10395
x-request-id
c2a0a3877b4ca5cd45a07ee9d8306b49
last-modified
Thu, 05 Sep 2024 22:09:50 GMT
server
cloudflare
etag
"b8de0f4320c2efabe038128ea6f33463"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8c0ee9533b3b82ce-IAD
timing-allow-origin
*
x-amz-cf-id
LuN-EActm7_ILVUIuI5tXWf9BoCR1G1QsH_MfS09WBS-Rlj8gAPvdg==
6148819f62b599-77314740.webp
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/6148819f62b599-77314740.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-103.fra56.r.cloudfront.net
Software
Cloudinary /
Resource Hash
e1537781b8b50f875c8ac669a3821940f774591fabc69d5d661bcf46794163b4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 19:23:47 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
377074
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
15141
x-request-id
e6fcc1e4f04a40913cd7e010ddb80a86
last-modified
Tue, 03 Sep 2024 06:04:40 GMT
server
Cloudinary
etag
"824e7ac38cb6dfd21208aa948f7d3fcb"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
b_xC7VzFIL8-g-bQ64ORDA0QggkqK-tNlXvlK7PVrywP0npaPnXY9w==
61487c805108f6-82420623.webp
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/61487c805108f6-82420623.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-103.fra56.r.cloudfront.net
Software
cloudflare /
Resource Hash
cb2db6bf62235b0c4d4d1bf17a8d410a74c94b0cd178079f0b9e120580c0b324
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 11 Sep 2024 18:28:17 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
380404
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
10218
x-request-id
2337a46b0e6b1b8abfd6b735428407ee
last-modified
Thu, 05 Sep 2024 18:39:17 GMT
server
cloudflare
etag
"58ad4c4570bc5c73bc2982708223b73b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
cf-ray
8c19b7797836884f-IAD
timing-allow-origin
*
x-amz-cf-id
4eJslfkI2lmU57DVWdu0m_JQE3NHEsqyQPekz_cS4S4GDlyWhbOz-g==
614883c3316a86-24453729.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.newsmaxwidget.com/content/images/614883c3316a86-24453729.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-103.fra56.r.cloudfront.net
Software
Cloudinary /
Resource Hash
82ec937d9b257e7bb5a8fcb1eca9f9a587bc266d127b90ece2069d495c90dd53
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Tue, 10 Sep 2024 02:50:46 GMT
x-content-type-options
nosniff
via
1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
538199
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
10319
x-request-id
3f9c20dbed74c0fc5ae25f10db8c303a
last-modified
Mon, 02 Sep 2024 21:27:16 GMT
server
Cloudinary
etag
"44c73cc4fd45db2e2e87c503f8e8bfd8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
unOKMrN0gRPD_crnH9ixJqfLIqAJ7DkAa3ZoUZF_AaQQ5KuWfdpXUA==
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.80.185.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-185-164.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://crooksandliars.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://crooksandliars.com
content-length
0
date
Mon, 16 Sep 2024 04:08:22 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
eu-west-1c
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.80.185.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-185-164.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://crooksandliars.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://crooksandliars.com
content-length
0
date
Mon, 16 Sep 2024 04:08:22 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
eu-west-1c
page-view
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.80.185.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-185-164.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
eu-west-1c
access-control-allow-origin
https://crooksandliars.com
date
Mon, 16 Sep 2024 04:08:22 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.80.185.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-185-164.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
eu-west-1c
access-control-allow-origin
https://crooksandliars.com
date
Mon, 16 Sep 2024 04:08:22 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
Origin
dcl.htm
rt3010.infolinks.com/action/ 		0
60 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3010.infolinks.com/action/dcl.htm?rid=b248c2b8-757d-4a1d-8289-0a05ea894341&prod_t=d&sdata=news&bdc=1&midx=0&capara=%7B%22ve%22%3A%22mrc50%22%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1944.014-4.010/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 16 Sep 2024 04:08:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
8c3dfeb31ca865d4-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
f4f0042d8db35ce5b40218cfab018f00fe99ed7
glisteningguide.com/submit/46303cd6532c9/ 		303 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/submit/46303cd6532c9/f4f0042d8db35ce5b40218cfab018f00fe99ed7
Requested by
Host: glisteningguide.com
URL: https://glisteningguide.com/v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
919114961308cc1eb0ab299a6b12e7a081f768c4ee721b7697d37176f9dc8b77
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 16 Sep 2024 04:08:25 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
x-buildnumber
1433990761
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
x-hostname
fen-hoothoot-europe-west1-ffgg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8c3dfec63c1f2bd5-FRA
expires
Mon, 16 Sep 2024 04:08:24 GMT
f4f0042d8db35ce5b40218cfab018f00fe99ed7
glisteningguide.com/47303cd6532c9/ 		9 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/47303cd6532c9/f4f0042d8db35ce5b40218cfab018f00fe99ed7
Requested by
Host: glisteningguide.com
URL: https://glisteningguide.com/v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6793799831f08ffd0abd52b98e9d82e9da95bf674353ede46e47b06aabab1980
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 16 Sep 2024 04:08:25 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
DYNAMIC
x-buildnumber
1433990761
alt-svc
h3=":443"; ma=86400
content-length
3129
server
cloudflare
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
x-hostname
fen-hoothoot-europe-west1-ffgg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8c3dfec69c402bd5-FRA
expires
Mon, 16 Sep 2024 04:08:24 GMT
ModalEngage,Sticky2
glisteningguide.com/j/45303cd6532c9/f4f0042d8db35ce5b402198faf6d7/ 		273 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/j/45303cd6532c9/f4f0042d8db35ce5b402198faf6d7/ModalEngage,Sticky2
Requested by
Host: glisteningguide.com
URL: https://glisteningguide.com/v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2974d953db216b51153247652982f35928b68cff9fdccaff5608581ebc47bd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:25 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
MISS
x-buildnumber
1433990761
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-europe-west1
etag
W/"558fb234ee1a4499141156a13562500f629ec1875cafb0bcbdf671147e1e6770"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language, Origin
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
x-hostname
fen-hoothoot-europe-west1-ffgg
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8c3dfec80ce92bd5-FRA
logo_full.png
crooksandliars.com/sites/all/themes/cl_theme21/public/static/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/static/logo_full.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
e3bf4936fbf82a51c0dbd4b478287e19915d0c3dd2ef15d32042b360bd7365f6

Request headers

Referer
https://crooksandliars.com//team//john/-amato
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:19 GMT
last-modified
Tue, 09 Nov 2021 02:27:37 GMT
server
nginx
etag
"6189dc99-131c"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4892
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		5 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300
Requested by
Host: glisteningguide.com
URL: https://glisteningguide.com/j/45303cd6532c9/f4f0042d8db35ce5b402198faf6d7/ModalEngage,Sticky2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a55be763be247c048127787ba0fa08aea64b25050248b4e0a6a236d2a7ac45a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 16 Sep 2024 04:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 16 Sep 2024 03:43:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Sep 2024 04:08:25 GMT
MywwMTFkMzA4NmE2MTc
images.getadmiral.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.getadmiral.com/MywwMTFkMzA4NmE2MTc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1231 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
5074fade910f40c6d3d087a1ec63ff87eabf176ef237e406657ba7a3600412fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 16 Sep 2024 04:08:25 GMT
strict-transport-security
max-age=15552000; preload
via
1.1 google
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
x-buildnumber
1366914779
content-length
9192
server
cloudflare
x-datacenter
gce-europe-west1
etag
"8d99e6dc"
x-buildname
dank
vary
Accept-Encoding
x-hostname
backend-europe-west1-spot-xqjm
content-type
image/png
cache-control
private, must-revalidate, max-age=3600
cf-ray
8c3dfec90ea74d54-FRA
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 14 Sep 2024 01:33:44 GMT
x-content-type-options
nosniff
age
182081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Sep 2025 01:33:44 GMT
f4f0042d8db35ce5b40218cfab018f00fe99ed7
glisteningguide.com/submit/46303cd6532c9/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
glisteningguide.com
URL
https://glisteningguide.com/submit/46303cd6532c9/f4f0042d8db35ce5b40218cfab018f00fe99ed7

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| admiral object| googletag object| dataLayer function| gtag object| ClLazyLoad object| Insticator function| OneSignal object| propertag object| AdmiralGrid object| ClSettings object| $jscomp function| $jscomp$lookupPolyfilledValue boolean| headerTagInjected object| federatedObj object| instBid object| InsticatorXmess object| FB object| InsticatorApp string| insticatorHeaderCodeVersion boolean| isPageviewSent object| insticatorCommentingUnitSettings object| settings object| confiant object| instBidChunk object| _pbjsGlobals object| regeneratorRuntime object| ADAGIO object| ggeac object| google_tag_data object| google_js_reporting_queue object| __buffer number| __oneSignalSdkLoadCount function| __jp0 object| __twttrll object| twttr object| __twttr object| google_tag_manager object| webpackChunk_cl_theme21 object| CLAdmiral object| CLAMItems object| AdManager object| CL function| showAdmiralLogin function| showAdmiralSubscribe object| __bt object| __bt_intrnl object| __bt_tag_d string| GoogleAnalyticsObject function| ga object| plausible object| _icesc number| infolinks_pid object| google_reactive_ads_global_state function| 4dm1r11545242527 object| properSpecialOps boolean| __bt_already_invoked object| gaplugins object| gaGlobal object| gaData boolean| IL_INIT object| $iceboot object| INFOLINKS function| onYouTubeIframeAPIReady object| ProperMedia object| _qevents function| _0x54c8 function| _0xa3f6 function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properSpaNewSection function| properSpaNewPageView function| properSpaNewPageReset function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName function| UAParser object| TraceKit object| device string| nobidVersion object| nobid object| purpose4Rule string| proper_ad_page_uuid string| proper_ad_session_uuid object| bouncex object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTYzMWY5NjZmY2NlZmVkZmxvYWRlcl9qcw== string| NTYzMWY5NjZmY2NlZmVkZmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady function| _typeof function| _defineProperty function| quantserve function| __qc object| ezt object| webpackChunksmart_tag function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie number| $iceId string| nm_div object| nm_script function| jQuery object| wpJsonRciWidget object| ua_result object| revcontent function| renderRCWidget object| owpbjsChunk object| owpbjs object| PWT function| dspCriteoRTUSCallback function| dspCMCallback object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| __core-js_shared__ object| core object| InsticatorCommenting

17 Cookies

Domain/Path Name / Value
crooksandliars.com//team//john Name: logglytrackingsession
Value: 7a597c4d-1a94-48bc-8327-05feee86cd60
.onesignal.com/ Name: __cf_bm
Value: jG5d5eisD1EiOkpLfdKNpHW9lLmjQ1ttTneSLYeQTqw-1726459699-1.0.1.1-Kl6OQg0kS8yFw8rw5PVNl_OLFVq2uOSj1vnlNaatgUPiDyR.N9J6ZJrWmslssA0YugMx2mJUIPm2jGGYJFS_Dg
.crooksandliars.com/ Name: InstiSession
Value: eyJpZCI6IjIxNzI3ZTk2LTQ2MWEtNDM1ZS1iNDVhLWQ2YzIxZThmOTRhNiIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
crooksandliars.com/ Name: instiPubProvided
Value: c2a798b3-6a32-4652-a7ac-55d657aeb2ee
.crooksandliars.com/ Name: _pubcid
Value: c12dc7fc-ec56-4084-90c1-95f390270e4f
.crooksandliars.com/ Name: _pubcid_cst
Value: zix7LPQsHA%3D%3D
.crooksandliars.com/ Name: _gid
Value: GA1.2.1365662621.1726459700
.crooksandliars.com/ Name: _gat_gtag_UA_2640119_1
Value: 1
.crooksandliars.com/ Name: _ga_MBSB7S97P1
Value: GS1.1.1726459700.1.0.1726459700.60.0.0
.crooksandliars.com/ Name: _ga
Value: GA1.1.1893553979.1726459700
.crooksandliars.com/ Name: properSessionStorage
Value: eyJ1dWlkIjoiZThmZGE3ZTQtZDVmNi00MTZlLWExZmItY2YwNmRkZjkyOTkxIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJkeW5hbWljX2Zsb29ycyI6e30sIm5vX2JpZF9jbnQiOnt9LCJhdWN0aW9uX2NvdW50IjowLCJsYXN0X3RocmVzaG9sZCI6MH0%3D
crooksandliars.com/ Name: plsVisitorGeo
Value: DE
crooksandliars.com/ Name: plsVisitorIp
Value: 45.141.152.72
crooksandliars.com/ Name: plsGeoObj
Value: {"ip":"45.141.152.72","country":"DE","region":"HE","city":"Frankfurt am Main","zip":"60326","location":"50.1049,8.6295"}
.infolinks.com/ Name: cuid
Value: e42d9993-6226-4323-890b-e4bfd244e581
crooksandliars.com/ Name: plsVisitorCity
Value: Hessen
crooksandliars.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770

2 Console Messages

Source Level URL
Text
network error URL: https://trends.newsmaxwidget.com/event/generic?t=e0BexIGnHI9%2BpNjG49wkYEyVM4y3BQNxwkTNY7a7dgvvBvz6%2FYgrimsvlkxxk7S%2BA%2FaojW3WOF3%2FGbHkr3qzjPKHxbgzvCAowRUaLS4dKWY%3D&e=adapty&s[ref]=https%3A%2F%2Fcrooksandliars.com%2F%2Fteam%2F%2Fjohn%2F-amato&s[hash]=TdUGmQOcTfm6Or8W2H9nVT
Message:
Failed to load resource: the server responded with a status of 400 ()
rendering warning URL: https://glisteningguide.com/j/45303cd6532c9/f4f0042d8db35ce5b402198faf6d7/ModalEngage,Sticky2(Line 1)
Message:
Specifying 'overflow: visible' on img, video and canvas tags may cause them to produce visual content outside of the element bounds. See https://github.com/WICG/view-transitions/blob/main/debugging_overflow_on_images.md for details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abcheck.proper.io
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
api.btloader.com
assets.bounceexchange.com
assets.newsmaxwidget.com
assets.revcontent.com
auth.instiengage.com
bids.proper.io
btloader.com
cdn.confiant-integrations.net
cdn.onesignal.com
connect.facebook.net
crooksandliars.com
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
event.insticator.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geoip.insticator.com
geoip.instiengage.com
glisteningguide.com
global.proper.io
images.getadmiral.com
images.newsmaxwidget.com
imasdk.googleapis.com
img.revcontent.com
onesignal.com
platform.twitter.com
region1.analytics.google.com
resources.infolinks.com
router.infolinks.com
rt3010.infolinks.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
soapps.net
static.adsafeprotected.com
static.newsmaxfeednetwork.com
stats.g.doubleclick.net
tag.bounceexchange.com
tr.crooksandliars.com
trends.newsmaxwidget.com
www.crooksandliars.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
yeet.revcontent.com
glisteningguide.com
108.157.4.18
13.225.78.104
13.33.187.77
130.211.23.194
150.238.37.130
172.217.18.6
172.66.41.9
172.66.42.247
18.172.112.100
18.207.73.182
18.66.102.81
184.28.88.244
2001:4860:4802:32::36
2600:9000:206f:ac00:9:78a:e540:93a1
2600:9000:223c:9400:6:44e3:f8c0:93a1
2600:9000:223f:5200:8:48e:53c0:93a1
2600:9000:2644:9000:1c:386f:ec80:21
2600:9000:2724:1600:10:3422:3f00:21
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:293c
2606:4700:20::681a:346
2606:4700:4400::6812:2b5a
2606:4700::6811:6fdf
2606:4700::6812:1231
2606:4700::6812:196f
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:803::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a03:2880:f084:105:face:b00c:0:3
34.120.253.250
34.98.72.95
44.196.238.254
44.240.96.48
52.222.214.103
52.5.165.213
54.160.11.30
54.72.195.79
99.80.185.164
004a8e6726c340c0fcea8a34ea5317d388772d237a718a9cc468598df63d1702
00c830df4c404e5066964b33b15c650db94c260b14070b16102a5cec56434e73
036be9796eef8ac45778fbc62ff46be10f3c6005fceb7c44ed49d0a8b4d62a02
036cc536d49295e353522a416481117c1ca225434bf41f877d6072dd5d0abced
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
0685687c82e970dc8176b9009f530d9de6aa9a1f39ace3634d216c578adaef23
0b65c00692ce0f52849d6ee9cf5678d4f0932099cdd577ed2ce18ab3d2d6d7f9
1310eac23d10ba13c1e7388c552fc52100d5892e65aec91ddde78d59f0eb299b
140bba341ba73adbe5d69dc1ca459c579d71fc6e436017f77c21c8c13c7458e8
15ec6e1dfd817eb5d24b6f08df735f9ad28313614eb9377d5a18c4d9d0934130
160cde24ba1ff1d2f48cb147e61a9835f9594092da1ea3cafed08e7c6aa43f41
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1760bb9355d5a32c6b3d48ecf53dcfedeca08516b0b921682e9d0ce55ce74b26
19aa071845d2515d70a65288ab1531b2b59b4d398c73a16c3aa30ca9963f0848
1b2974d953db216b51153247652982f35928b68cff9fdccaff5608581ebc47bd
1c42fe8b25d562fb8a997b6b46e32c6d95d0c8d541e5a801b630b2f846fabf38
1cf75dc14a8eef40549a945c423a03fb9488250b4d9b0c6cc25ff0d4dbfbb86c
1e966b3a92ed853593dcb85ceafe15eb26fcfcc617e810071a8fae39262b04c4
2046683f261337ea3f4244fb5d27741b6a1d9e2313ee202bea1cdf0f374001dc
205473ccfbbc1032b7104ee7947496a94b2d46e7aac524cc0f14e552a735b897
21408c20e75e6a84b71c3f4cb787bc34dac7db28a34bbc34db24856141770e48
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28460b0249f720da5a2c3dc54e26ee895e6611c4ba71eca598e0e3124b9e866f
2aa7d34f035906f4d5039227e2d40c1d5d2863794f1e042a8a20e13a1b16dd30
2bb182e56056c786fad829d88c6218686e54b73f94bbaef51671ec03d96071ee
2d6a133b731b7012df588f194570780eaf10077357b41f7c6d419a8d48fd2261
2e2f8485434c1dc7ba8426b78bcdcce5d13462028693bc1b749957ef88909763
3055cc01a20f40cc3601b08d75b37cdec4dbd9b58669e8b597bc14ab4fca18b5
30bf607ef33c013829ed5a1d387208c951ea941767cb2a1df7a4e0b6aa1556ff
3682ce850eb37d9c7692129c5bb2df91e13d1dbb91cd6e3a6f0cf04f0c62c942
3a3782ed8869a7b7f49c5a2242ce3e433439f03cbab0cda66a8e0658e2daf546
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
4f2626696382e9b963bbb2163ce47381c09359af9dea37965a9303b6ae1c1834
5074fade910f40c6d3d087a1ec63ff87eabf176ef237e406657ba7a3600412fc
5161cc95c861a52ca114dba71188bcb827f4f9afaf97f75db65e572cd649289b
5380dd60a797b5f7b20912834018f60e741fd7233bfb1b2fe5bf79737e4e0b2f
546e554a3c51ce180d022de9ff5506f14603b38d40ece9f2be43c88328358a52
56678e2cda023fa75db6f56ff4c468cfd2ffb4d1dff25e0d14f7992876f892e0
5c1d7658e8d878bd510950e3f3a67f98261bfc05b0e5087c5c0aeef4579a4fa1
5e13fa37c7fde570bff32dd3e9e2b835c5834ea6b7d2db8e5c9eb41520419c15
60d7e6cb14bb5060b93acdf8f70b09136bc3e4b90918c79385975ee931613e3b
621d43bfeb282fd0946d684636203e8aff3f0718fcc6f87a9ea88e95e34a60ff
6354deae735c3989483d185d09f73115648e1551d671dee0a947308b61623f17
6793799831f08ffd0abd52b98e9d82e9da95bf674353ede46e47b06aabab1980
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e403e2d554aa481361609012af929dcbc5b8f4a531561905a743b548735ff1f
73d198eec600bf9510e50046186bc60fdef27ffff5b5d10e31854e0f0492c314
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c21a6311bd9343da9c0cd779007eebbcff3d77cc9286125d5da26134bc0f32a
7d69760be287d1e9365ec5c512978eef33ff2134de1dd2bf425de5ccdd24b997
7d7af1f6c6027dcac278577529ae155182da451be8906544bb7ff680620749a1
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82ec937d9b257e7bb5a8fcb1eca9f9a587bc266d127b90ece2069d495c90dd53
83eab0690a46e6481bbad2e36f64118da3b167c77ba77598fddfa889dee018a5
89e7371a5e545fec5450e9a65ac95e2435f534cb5191c68a169f3b138d456030
8af15646b18da3c584568f9e606fdb0e47f172cc241edeec5f6334c5afd3e081
8c180d84a57f7e3bfec361c93d5334da2202bb7b3ceee66f0166957f6978931d
8fa5deb87fcd2378185227321ae20ce283f190455da484428fe964250e7bce59
919114961308cc1eb0ab299a6b12e7a081f768c4ee721b7697d37176f9dc8b77
91c714817155d5ba88496036401939bfb04ce0af83178e4a0a57fa48ee0603ca
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
9e03460ddf51854065b5ed1042c94dbc35045da49373004a7e46abb5f746f35e
9efedf206218e4fb1cecd20e02aa0d7cfcb9c7402044bc1f8722d2fb95e425c6
a2431f9d129bc3eadcc0a6b829cbeeffcdbe4374b4d08317bbb51f1db5fa4ec3
a55be763be247c048127787ba0fa08aea64b25050248b4e0a6a236d2a7ac45a3
a688d9d2a0809d848b6879524e5048bb07a91c0c3199666713b2c10e281332bb
a89adf784f7d54cd1d3f7e34a7b3d200eaf57abcb3cd8f0e418a0462c7ecf19a
a8b68b46f44aac34f59d2926e8db6bdae4bc3b7fe3aad60948e97f428b087531
a9c8d838d58c2d809550dedb481f8548a10ff3c2b7a379d25cd37cc935584e32
adf4c837e06903430b427e34ed4aaf493adc435b331cf8003a201f71daa5e5a1
ae147bdedb062e34a025af585c79f80ebfe2b7e9ed99826f9192a78ddba677c3
b251749e04ba1d0a4dcd53781ebf83415823829c9f36ee5102372f98ab40d8a2
c2d224ef3dff232e7c5fc3ad39f3a3d837ba465995d5066885249c1d2a7cae68
c7d1bc31be2ab930e06dee9af49acf8225399148a37cca2e1aebdd20bdab3683
c7deaf679fcfc8dce963a1e993323007f774586737ba2cc2579e55f1fd02bb17
caf2f11a5ecde99dae998a54cf3be6c60478903612ae2cf76b395f7accd9d657
cb2db6bf62235b0c4d4d1bf17a8d410a74c94b0cd178079f0b9e120580c0b324
cc7655087d146682067e37c47b2bff72ee86f6ed7a3702291642b502c123dfd2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8e4f68f855d1dbafcc5ed6c37805ec82116dd7fd625c85fcd3bd022008964
d4fd8064307c2928ab571b6bed4556949a9b873501b9fce4d0314524810db5cf
d72bb9bb78332c65fa76e41498792ef6a1b87f65fdd702e39758d6501d57a45c
d916dbd80771d9244ae09a56803a75407428c08a0eba3fa3410964abbf1d066a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de0e585989b9cb68e60604e8f06bd3e95216a0aff1b1867a72a4cc6b9e112a9a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def2eceb21c23f209b291c6684ac128a16d630da31597a69e84c6cb73ca793d6
dfeb024869f39e050a86af6dc5e62f5acf773dc88c8a8a080ae0313cf68797ab
e054996061a5469a34aee45729b79d33ddbbfa6dbf28b58eefe1a851872fc02a
e1537781b8b50f875c8ac669a3821940f774591fabc69d5d661bcf46794163b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bf4936fbf82a51c0dbd4b478287e19915d0c3dd2ef15d32042b360bd7365f6
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ee3e4b488dcaceabab3b95b91d4066a2d2496ddbdbd3d0c0002231fac2d9d4fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef68fe54ada8977621ed05518392a25094ac3f58a83fbf3a6d340bb94247696b
f2014f4c968c15546e5f734704f0cc98151f3de2eb9118a5930e326f8bbb7b21
f23d794de0666d3cc3f739695e8993baa22cc4f761f71cb5f88e42ce431cf3a7
f766489f29fd283b6ced293d10433d30f941dd81b298b6e603512d6c019390c5
fa48dd40b2dcee168d499fcb4b7332442d43fc2a5beb983cb48575a85b05cd9b
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fd3090687e1d99f2bf2ec597b58d68f93ef721f6be2faf30f4dbbe76160781b6
fd3f30aace2746baa5c81ef4b2b93ae827c7a850ca6fee7b7632b084c7482f1e