urlscan.io logo urlscan.io
SecurityTrails logo

www.investigativepost.org Open in urlscan Pro
72.52.164.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://investigativepost.com/
Effective URL: https://www.investigativepost.org/
Submission: On July 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 5 countries across 21 domains to perform 78 HTTP transactions. The main IP is 72.52.164.200, located in United States and belongs to LIQUIDWEB, US. The main domain is www.investigativepost.org.
TLS certificate: Issued by R11 on June 16th 2024. Valid for: 3 months.
This is the only time www.investigativepost.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.225.128 16509 (AMAZON-02)
24 72.52.164.200 32244 (LIQUIDWEB)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 185.89.210.141 29990 (ASN-APPNEX)
2 18.172.112.107 16509 (AMAZON-02)
2 3.5.22.4 14618 (AMAZON-AES)
5 104.17.111.223 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 23.67.131.235 16625 (AKAMAI-AS)
1 18.66.102.53 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
6 172.217.16.142 15169 (GOOGLE)
1 13.32.27.21 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.227 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 172.67.159.162 13335 (CLOUDFLAR...)
1 18.66.112.79 16509 (AMAZON-02)
3 141.94.254.117 16276 (OVH)
1 104.16.160.145 13335 (CLOUDFLAR...)
78 24
1    15.197.225.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
investigativepost.com
24    72.52.164.200 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.hostdogdimeservers.com
www.investigativepost.org
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::6814:24da (United States)

ASN13335 (CLOUDFLARENET, US)
widgets.givebutter.com
2    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    18.172.112.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-107.fra60.r.cloudfront.net
cdn-images.mailchimp.com
2    3.5.22.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3.us-east-1.amazonaws.com
s3.amazonaws.com
5    104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.67.131.235 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-131-235.deploy.static.akamaitechnologies.com
chimpstatic.com
1    18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net
static.hotjar.com
9    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
6    172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net
www.youtube-nocookie.com
1    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c1f::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
www.google.de
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700:10::ac43:209f (United States)

ASN13335 (CLOUDFLARENET, US)
givebutter.com
1    172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
1    18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net
vc.hotjar.io
3    141.94.254.117 (France)

ASN16276 (OVH, FR)
PTR: haproxy07.cl13.ovh.mrf.io
events.newsroom.bi
1    104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)
onesignal.com
Apex Domain
Subdomains		 Transfer
24 investigativepost.org
www.investigativepost.org
2 MB
15 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 4316
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5708
onesignal.com — Cisco Umbrella Rank: 1415
img.onesignal.com — Cisco Umbrella Rank: 8171
86 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
371 KB
3 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7639
2 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
74 KB
2 amazonaws.com
s3.amazonaws.com
140 KB
2 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 14304
2 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
2 KB
2 givebutter.com
widgets.givebutter.com — Cisco Umbrella Rank: 190725
givebutter.com — Cisco Umbrella Rank: 125596
330 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 4716
232 B
1 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 10021
43 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
274 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
261 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 9111
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 investigativepost.com
investigativepost.com
321 B
78 21
Domain Requested by
24 www.investigativepost.org www.investigativepost.org
15 www.youtube-nocookie.com www.investigativepost.org
4 www.googletagmanager.com www.investigativepost.org
www.googletagmanager.com
3 events.newsroom.bi sdk.mrf.io
3 onesignal.com cdn.onesignal.com
2 connect.facebook.net www.investigativepost.org
connect.facebook.net
2 cdn.onesignal.com www.investigativepost.org
cdn.onesignal.com
2 s3.amazonaws.com www.investigativepost.org
2 cdn-images.mailchimp.com www.investigativepost.org
2 secure.adnxs.com 1 redirects www.investigativepost.org
1 img.onesignal.com www.investigativepost.org
1 vc.hotjar.io script.hotjar.com
1 sdk.mrf.io www.investigativepost.org
1 givebutter.com widgets.givebutter.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.facebook.com www.investigativepost.org
1 www.google.de www.investigativepost.org
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.investigativepost.org
1 chimpstatic.com www.investigativepost.org
1 widgets.givebutter.com www.investigativepost.org
1 fonts.googleapis.com www.investigativepost.org
1 investigativepost.com 1 redirects
78 25

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com
Subject Issuer Validity Valid
*.investigativepost.org
R11		 2024-06-16 -
2024-09-14		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
widgets.givebutter.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
cdn-images.mailchimp.com
Amazon RSA 2048 M02		 2024-06-24 -
2025-07-22		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-05-25 -
2025-05-02		 a year crt.sh
onesignal.com
GTS CA 1P5		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-29 -
2024-07-28		 3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-06-28 -
2025-06-28		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.de
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
givebutter.com
E6		 2024-07-06 -
2024-10-04		 3 months crt.sh
sdk.mrf.io
E1		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh
ssl03.cert.cl13.k8s.mrf.io
E6		 2024-06-18 -
2024-09-16		 3 months crt.sh

This page contains 21 frames:

Primary Page: https://www.investigativepost.org/
Frame ID: 2016F949809A62FF843BB05C7C40B2DD
Requests: 58 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 5636DFDB39651FB49006D0B24F10AA15
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: A0E63FD62DD8EDC2DC2CDFC1F2F833F3
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 0E7A26F999CCBA341AF4DAF5A46E8D89
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 3002EAE69D34FC9DCEA2C3730F2EC728
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: F4572AB246EE6CB4FB94A08D49D27A23
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 467CC5A0223E1269538DD76A4D97ADEF
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 6CE9A85AC7D0033C95CD723A4F529BC9
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: FA57B69828E8C8956729EF202BFC97AE
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 97EAC3607FCD83786C0236AD2A42A894
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 3B46E1E060118C70B72BB4658A6273E5
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 773CA84BC018F0E22396C71F7350AB71
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 488CBFBDBE7B585D8351CD50AE3CFCF7
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 160F682DA4F4AB45E116B34525478472
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 5376F8E8087E6D6075CDD3DD84432715
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: C2AE5EBAFFFA0A76B416E86C955E62A0
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 9A84B7400C9F870A4088BE5C34A0034C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: EC8864E499EC3A636B1DE5027F20680D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 66DB3A18461C30DB1879E21F46E3B6B3
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 91396E45D4EA06E06DADC0C9A65F0517
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/_LJi6xb7icE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&autoplay=0
Frame ID: 493821CC6EA809E6AA99482F54AC9C96
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Investigative Post - Jim Heaney Editor & Executive Director, Buffalo & WNY Investigative Reporting Center : Investigative Post

Page URL History Show full URLs

  1. https://investigativepost.com/ HTTP 301
    http://www.investigativepost.org/ HTTP 307
    https://www.investigativepost.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
  • cdn-images\.mailchimp\.com/[^>]*\.css
  • chimpstatic\.com/mcjs-connected
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

78
Requests

91 %
HTTPS

38 %
IPv6

21
Domains

25
Subdomains

24
IPs

5
Countries

3477 kB
Transfer

5958 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://investigativepost.com/ HTTP 301
    http://www.investigativepost.org/ HTTP 307
    https://www.investigativepost.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://secure.adnxs.com/seg?member_id=14146&add_code=&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fmember_id%3D14146%26add_code%3D%26t%3D1
Request Chain 60
  • https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=318683177615939&ev=PageView&dl=https%3A%2F%2Fwww.investigativepost.org%2F&rl=&if=false&ts=1721525671562&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721525671559.370255409113158218&cs_est=true&ler=empty&cdl=API_unavailable&it=1721525671384&coo=false&rqm=FGET HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D318683177615939%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fwww.investigativepost.org%252F%26rl%26if%3Dfalse%26ts%3D1721525671562%26sw%3D1600%26sh%3D1200%26v%3D2.9.162%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1721525671559.370255409113158218%26cs_est%3Dtrue%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1721525671384%26coo%3Dfalse%26rqm%3DFGET

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.investigativepost.org/
Redirect Chain
  • https://investigativepost.com/
  • http://www.investigativepost.org/
  • https://www.investigativepost.org/
78 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
ed8d8cdc08cfd23e4b0229b664de02aac709770bef075528902c64aef81d2ab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
16560
content-type
text/html; charset=UTF-8
date
Sun, 21 Jul 2024 01:34:30 GMT
expires
Mon, 29 Oct 1923 20:30:00 GMT
last-modified
Sun, 21 Jul 2024 00:50:29 GMT
pragma
no-cache
referrer-policy
no-referrer
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
User-Agent,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.investigativepost.org/
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Serif+Pro:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8e5a7a6a539aef99394e63436fe6bc13418f92047f757b667f7f4ec7add844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jul 2024 01:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 01:34:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jul 2024 01:34:30 GMT
4e65h.css
www.investigativepost.org/wp-content/cache/wpfc-minified/ee53vvfl/ 		764 B
408 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/ee53vvfl/4e65h.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
70aad76ee6355f9960fac56851e1986dca70a50c1468229ffc5ad4c232fabfd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 01:34:30 GMT
x-permitted-cross-domain-policies
none
content-length
345
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:51 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
4e65g.css
www.investigativepost.org/wp-content/cache/wpfc-minified/12gs92ip/ 		107 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/12gs92ip/4e65g.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
8ea6992a69a092e9ef8e2acfef3cc3042c51234e560af5b5faf0f9282260e7ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 01:34:30 GMT
x-permitted-cross-domain-policies
none
content-length
14457
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:50 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
4e65g.css
www.investigativepost.org/wp-content/cache/wpfc-minified/33crgzy1/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/33crgzy1/4e65g.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
534a913039d46018814e8de168eef7c676fa6f49981a6bdba43db65c4d54667a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 01:34:30 GMT
x-permitted-cross-domain-policies
none
content-length
1037
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:50 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
4e65h.js
www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/ 		383 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
8c4ad2663bdc21c51dc27f198c5e15ec17cd9533a1ecee730647ceb73d4ff3bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Tue, 12 Mar 2024 17:01:51 GMT
x-permitted-cross-domain-policies
none
date
Sun, 21 Jul 2024 01:34:30 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
js
www.googletagmanager.com/gtag/ 		305 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-TQSC4FR
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65fd587cb7e1739786169f34370a6cc28055b24d7aa29f5d3bbc7e368f805269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103605
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jul 2024 01:34:31 GMT
latest.umd.cjs
widgets.givebutter.com/ 		329 KB
330 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.givebutter.com/latest.umd.cjs?acct=quEm2xccccrRp5Wd&p=wordpress
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:24da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9f58f97fe02dd7d38ea19f9165864ada6f4f929e6c39d13c9a8630d31f5125f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:31 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Jul 2024 17:06:08 GMT
server
cloudflare
etag
"04e852039a2e891532965301e665031d"
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8a6772f58cfe1e52-FRA
content-length
337027
4e65g.css
www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/ 		299 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
410f93ed697c705b2e74d43f77d721906602629d310e29248bdd018f299ced97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 01:34:30 GMT
x-permitted-cross-domain-policies
none
content-length
50540
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:50 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
investigative-post-logo-w-1.png
www.investigativepost.org/wp-content/uploads/2022/09/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/09/investigative-post-logo-w-1.png
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
22e23f380bbe5cc16ff8778e46406ad4380fde378fe70f20a8c0f43bfd2c64d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 01:34:30 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:32:25 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/png
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
22057
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
Urban-Affairs.jpg
www.investigativepost.org/wp-content/uploads/2022/08/ 		255 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/08/Urban-Affairs.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
0222cfa0b9ade89be954ac5298b0ec90c7b02406952418b673061387ab1f3520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 01:34:30 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:29:30 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
261570
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
Economy.jpg
www.investigativepost.org/wp-content/uploads/2022/07/ 		369 KB
369 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/07/Economy.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
c80c3bafc87630abfec18f3b4c29131e0b759b4aa772c0e0a902397a79970631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 01:34:30 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:32:51 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
378079
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
Bills-Stadium.jpg
www.investigativepost.org/wp-content/uploads/2022/07/ 		392 KB
392 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/07/Bills-Stadium.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
787a4e34016fc54f36ddbca24149ed0cf0f7fc1393ca7cf23b555a818dd0a3a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 01:34:30 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:32:59 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
401400
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
City-Hall.jpg
www.investigativepost.org/wp-content/uploads/2022/08/ 		354 KB
355 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/08/City-Hall.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
590f1b6e85d0d999a3134674324732b9998521cecca09146cad0ff09147f767e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 01:34:31 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:29:28 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
362842
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
Environment.jpg
www.investigativepost.org/wp-content/uploads/2022/07/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/07/Environment.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
7f41df1f90b44d28185b69f70e170effff109bb3d8d4f616fc3d1965e81f8b0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 01:34:31 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:32:40 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
152820
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
Politics.jpg
www.investigativepost.org/wp-content/uploads/2022/07/ 		209 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/07/Politics.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
6931faf23e96176b1e6ae246cfd1f3d0c621e95cb6a1ef44d36ef99a771b5bac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 01:34:31 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:32:47 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
214229
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?member_id=14146&add_code=&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fmember_id%3D14146%26add_code%3D%26t%3D1
0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fmember_id%3D14146%26add_code%3D%26t%3D1
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 01:34:31 GMT
an-x-request-uuid
ca1ce9bd-a61b-4f93-b5f8-498263b59cca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.22; 217.114.218.22; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jul 2024 01:34:31 GMT
an-x-request-uuid
ca16af83-ca39-4a33-83dc-6da1189cdc08
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fmember_id%3D14146%26add_code%3D%26t%3D1
x-proxy-origin
217.114.218.22; 217.114.218.22; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
classic-061523.css
cdn-images.mailchimp.com/embedcode/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-061523.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5883e7efce2f2f635eabad6906850ac83ac2236f675bc969ff508c2ad2c6e041

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
TLAqQVoBq2Hb5kr9KSEXmPqr6DohswZo
content-encoding
gzip
via
1.1 fd9d525f4633063393693172d96013ca.cloudfront.net (CloudFront)
date
Sat, 20 Jul 2024 03:50:28 GMT
last-modified
Tue, 21 Nov 2023 20:06:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
78244
x-amz-server-side-encryption
AES256
etag
W/"0d26555d70e62981c5039c0b5d571de9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
QlUABRTrNOPnD2PuWNarVdFJesQJ-FAfPkIzQhM-U1uJPg5J0UamfQ==
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.22.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 01:34:32 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
JNX4KY0RWVZ22GNR
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
Dnacf52fYHR/ZNWtAl4ddFM3bZedNPmy4SNnyypTQ9G7jmgh+Aa2B7wPjVbaUGP6TfoB/sc74dk1PWQwwJV93BREESLjP1eKdbAP8Khclw8=
4e65g.css
www.investigativepost.org/wp-content/cache/wpfc-minified/d32r3qh7/ 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/d32r3qh7/4e65g.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
c28cd2f4b5010793b7e54f25f95261198bd995db864d202fd40c3dc6ae3302d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 01:34:31 GMT
x-permitted-cross-domain-policies
none
content-length
3473
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:50 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
main.js
www.investigativepost.org/wp-content/plugins/advanced-responsive-video-embedder/build/ 		1 KB
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/plugins/advanced-responsive-video-embedder/build/main.js?ver=65e39613de04e27403b1
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
5e0029ae2ede39230437136bb172fb8946f5b8c931c049485472d3a6fe490bd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 01:34:31 GMT
x-permitted-cross-domain-policies
none
content-length
529
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:22 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
polls-js.js
www.investigativepost.org/wp-content/plugins/wp-polls/ 		3 KB
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/plugins/wp-polls/polls-js.js?ver=2.77.2
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 01:34:31 GMT
x-permitted-cross-domain-policies
none
content-length
648
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 14 Dec 2023 21:44:06 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:31 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1881
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a6772f57bf81e55-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jul 2024 01:34:31 GMT
jsPopup.min.js
www.investigativepost.org/wp-content/plugins/popup-box-pro/public/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/plugins/popup-box-pro/public/assets/js/jsPopup.min.js?ver=2.2
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
82a6ce5be6e364cf4a82ec7be0e67028a3bed0c01c08ee2d1ddf2e4788d30514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 01:34:31 GMT
x-permitted-cross-domain-policies
none
content-length
2079
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 14 Dec 2023 21:44:05 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
gtm.js
www.googletagmanager.com/ 		191 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WKW3HQJ
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c55bbb4b62795b35be7e169d7b69ffd770c9f89c56faeaf7add371f283d0b901
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69684
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Jul 2024 01:34:31 GMT
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 21 Jul 2024 01:34:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1297, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
lwHRxg+LpYXiyca6ivPUD+FWAc5WUE3zrclubzJ6czDXA8VnRpR7kRpGMyKdHD+qFKX1t5IzLzqmwe/2O1vHnQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
9140aac1148b142fefbe4933d.js
chimpstatic.com/mcjs-connected/js/users/2a06c22600092f2a2d0dc9a65/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/2a06c22600092f2a2d0dc9a65/9140aac1148b142fefbe4933d.js
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.131.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-131-235.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
402, 104
Date
Sun, 21 Jul 2024 01:34:31 GMT
Content-Encoding
gzip
x-amz-request-id
N9EQ1NFN7956189S
X-EdgeConnect-MidMile-RTT
1, 0
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
653
x-amz-id-2
4sMEeuo0g48xzrx6E598Q1Xu+gnQYGDy5ks3px/7nJmTyJ7ZjcINGPvm/lNIw5qIExbbP2vaoyY=
Last-Modified
Thu, 21 Dec 2023 21:29:57 GMT
Server
AmazonS3
ETag
"4b60d3ea13c42468679685c32a1680ac"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=501
Accept-Ranges
bytes
Expires
Sun, 21 Jul 2024 01:42:52 GMT
hotjar-3643723.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3643723.js?sv=5
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-53.fra56.r.cloudfront.net
Software
/
Resource Hash
2b219faa00db8c6a5cfeb0cb9fff4c2102f535b9db149973d751df50239bf214
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/81a2fffbdb46fae335a3e328daaeddad
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
sgagCqD_Waf8GVb4E3sLqS1yGm9721uPML4DehDwlgw-6FC9aTCkmw==
fXZoDfS7M1c
www.youtube-nocookie.com/embed/ Frame 5636 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
lnrMw0s2ZdE
www.youtube-nocookie.com/embed/ Frame A0E6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
-iGmU478R3g
www.youtube-nocookie.com/embed/ Frame 0E7A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
Georgia.ttf
www.investigativepost.org/wp-content/themes/html5blank/fonts/ 		151 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/themes/html5blank/fonts/Georgia.ttf
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
a7cd40982d435cfaa9f6871d64b28b0c47961f4a053ba315434b93378cce6981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 21:44:06 GMT
x-permitted-cross-domain-policies
none
date
Sun, 21 Jul 2024 01:34:31 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
x-font/ttf
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
gnuolanebk-regular.ttf
www.investigativepost.org/wp-content/themes/html5blank/fonts/ 		56 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/themes/html5blank/fonts/gnuolanebk-regular.ttf
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
e4427366f345127f5d52ccce36f0e8291bd2fc8127ca449c94a94569880489aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 01:34:31 GMT
x-permitted-cross-domain-policies
none
content-length
26137
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 14 Dec 2023 21:44:06 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
x-font/ttf
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
fa-brands-400.woff2
www.investigativepost.org/wp-content/themes/html5blank/node_modules/fortawesome/fontawesome-free/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/themes/html5blank/node_modules/fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 01:34:31 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
content-type
application/font-woff2
cache-control
max-age=10368000
accept-ranges
bytes
content-length
76736
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
fa-solid-900.woff2
www.investigativepost.org/wp-content/themes/html5blank/node_modules/fortawesome/fontawesome-free/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/themes/html5blank/node_modules/fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 01:34:31 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
content-type
application/font-woff2
cache-control
max-age=10368000
accept-ranges
bytes
content-length
78268
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
fXZoDfS7M1c
www.youtube-nocookie.com/embed/ Frame 3002 		0
0
lnrMw0s2ZdE
www.youtube-nocookie.com/embed/ Frame F457 		0
0
-iGmU478R3g
www.youtube-nocookie.com/embed/ Frame 467C 		0
0
iak2wDalRho
www.youtube-nocookie.com/embed/ Frame 6CE9 		0
0
IHq-PdFMPUE
www.youtube-nocookie.com/embed/ Frame FA57 		0
0
fXZoDfS7M1c
www.youtube-nocookie.com/embed/ Frame 97EA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
lnrMw0s2ZdE
www.youtube-nocookie.com/embed/ Frame 3B46 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
-iGmU478R3g
www.youtube-nocookie.com/embed/ Frame 773C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iak2wDalRho
www.youtube-nocookie.com/embed/ Frame 488C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
IHq-PdFMPUE
www.youtube-nocookie.com/embed/ Frame 160F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
fXZoDfS7M1c
www.youtube-nocookie.com/embed/ Frame 5376 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
lnrMw0s2ZdE
www.youtube-nocookie.com/embed/ Frame C2AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
-iGmU478R3g
www.youtube-nocookie.com/embed/ Frame 9A84 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
-iGmU478R3g
www.youtube-nocookie.com/embed/ Frame EC88 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iak2wDalRho
www.youtube-nocookie.com/embed/ Frame 66DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
IHq-PdFMPUE
www.youtube-nocookie.com/embed/ Frame 9139 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
_LJi6xb7icE
www.youtube-nocookie.com/embed/ Frame 4938 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/_LJi6xb7icE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jul 2024 01:34:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
318683177615939
connect.facebook.net/signals/config/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/318683177615939?v=2.9.162&r=stable&domain=www.investigativepost.org&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ea2e4907062ac6bc822669fed6938ea9fe77d6526b82e01c36995e493b94988a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 21 Jul 2024 01:34:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=53, mss=1297, tbw=64184, tp=-1, tpl=-1, uplat=67, ullat=0
pragma
public
x-fb-debug
76ov0STwB823cNxKBYDHV1K3ylgFxBGnoWp1HXaYOA6ETwSfQ+Pw0K0MJ+0i4DRnsYCrWF+X2/+XwYUVheeVIw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		299 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9Z1F1NQ70H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKW3HQJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7e02e6853ba51eba5d12b7b04208d030a1d115b96679ac3f03dc0f528ee09278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102119
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jul 2024 01:34:31 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-TQSC4FR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKW3HQJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed9b9674d936f33fdae89cf25c9688790b4a0c4b8f98493fde00e3e1c247696f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103574
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jul 2024 01:34:31 GMT
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3643723.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 01 Jul 2024 08:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
1704204
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56291
last-modified
Mon, 01 Jul 2024 08:10:34 GMT
etag
"ca025d2d8ae4b3dc51e058b782590501"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
2wg66AZB-JihuP2TPShgDeNmFpG0p3-sIx_cCamQDlTxF0sUAudjWA==
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TV3TKKV95J&gtm=45Pe47h0v9129998068za200zb9104842212&_p=1721525670371&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dZTNiMT&cid=1196296088.1721525671&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721525671&sct=1&seg=0&dl=https%3A%2F%2Fwww.investigativepost.org%2F&dt=Investigative%20Post%20-%20Jim%20Heaney%20Editor%20%26%20Executive%20Director%2C%20Buffalo%20%26%20WNY%20Investigative%20Reporting%20Center%20%3A%20Investigative%20Post&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3228&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TQSC4FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 01:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.investigativepost.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TV3TKKV95J&cid=1196296088.1721525671&gtm=45Pe47h0v9129998068za200zb9104842212&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TQSC4FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 01:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.investigativepost.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TV3TKKV95J&cid=1196296088.1721525671&gtm=45Pe47h0v9129998068za200zb9104842212&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=1457396934
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 01:34:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1C366C_3_0.ttf
www.investigativepost.org/wp-content/themes/html5blank/fonts/ 		56 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/themes/html5blank/fonts/1C366C_3_0.ttf
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
22f936869af8fadef2cc307c3f906ce0fe0b1d781a95d04f9fbfc14502c19b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 01:34:31 GMT
x-permitted-cross-domain-policies
none
content-length
33055
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 14 Dec 2023 21:44:06 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
x-font/ttf
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=318683177615939&ev=PageView&dl=https%3A%2F%2Fwww.investigativepost.org%2F&rl=&if=false&ts=1721525671562&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721525671559.370255409113158218&cs_est=true&ler=empty&cdl=API_unavailable&it=1721525671384&coo=false&rqm=GET
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=2795, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 21 Jul 2024 01:34:31 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/login/
Redirect Chain
  • https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=318683177615939&ev=PageView&dl=https%3A%2F%2Fwww.investigativepost.org%2F&rl=&if=false&ts=1721525671562&sw=1600&sh=1200&v=2.9.162...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D318683177615939%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fwww.investiga...
0
0
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9Z1F1NQ70H&gtm=45je47h0v9105065447z89104842212za200zb9104842212&_p=1721525670371&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1196296088.1721525671&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721525671&sct=1&seg=0&dl=https%3A%2F%2Fwww.investigativepost.org%2F&dt=Investigative%20Post%20-%20Jim%20Heaney%20Editor%20%26%20Executive%20Director%2C%20Buffalo%20%26%20WNY%20Investigative%20Reporting%20Center%20%3A%20Investigative%20Post&en=page_view&_fv=1&_ss=1&tfd=3510&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Z1F1NQ70H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 01:34:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.investigativepost.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
givebutter.com/elements/api/v2/quEm2xccccrRp5Wd/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://givebutter.com/elements/api/v2/quEm2xccccrRp5Wd/ping
Requested by
Host: widgets.givebutter.com
URL: https://widgets.givebutter.com/latest.umd.cjs?acct=quEm2xccccrRp5Wd&p=wordpress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:209f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
content-security-policy
base-uri 'self'
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
sameorigin
access-control-allow-origin
https://www.investigativepost.org
cache-control
max-age=80727, must-revalidate, public
access-control-allow-credentials
true
permissions-policy
accelerometer=(self), autoplay=*, camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=*, geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self "https://js.stripe.com" "https://pay.google.com"), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), xr-spatial-tracking=(self)
x-server
prod-app-13
cf-ray
8a6772f98d5865ae-FRA
classic-061523.css
cdn-images.mailchimp.com/embedcode/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-061523.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5883e7efce2f2f635eabad6906850ac83ac2236f675bc969ff508c2ad2c6e041

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
TLAqQVoBq2Hb5kr9KSEXmPqr6DohswZo
content-encoding
gzip
via
1.1 fd9d525f4633063393693172d96013ca.cloudfront.net (CloudFront)
date
Sat, 20 Jul 2024 03:50:28 GMT
last-modified
Tue, 21 Nov 2023 20:06:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
78244
x-amz-server-side-encryption
AES256
etag
W/"0d26555d70e62981c5039c0b5d571de9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
QlUABRTrNOPnD2PuWNarVdFJesQJ-FAfPkIzQhM-U1uJPg5J0UamfQ==
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.22.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 01:34:32 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
JNX4KY0RWVZ22GNR
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
Dnacf52fYHR/ZNWtAl4ddFM3bZedNPmy4SNnyypTQ9G7jmgh+Aa2B7wPjVbaUGP6TfoB/sc74dk1PWQwwJV93BREESLjP1eKdbAP8Khclw8=
marfeel-sdk.js
sdk.mrf.io/statics/ 		159 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=4946
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ac67b05556fbdc65aa3608d870760f070d76d103eda40726b16d79844389728

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time
5ms
date
Sun, 21 Jul 2024 01:34:33 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Sat, 20 Jul 2024 05:43:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
16
accept-ranges
bytes
cf-ray
8a6773027eaf2bf5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43772
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
443
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a6773023b8c1e55-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 24 Jul 2024 01:34:33 GMT
3643723
vc.hotjar.io/sessions/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/3643723?s=0.25&r=0.19845424349536178
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-79.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jul 2024 01:34:33 GMT
cache-control
no-store
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
7VgAQ8p9Qq-4GVk-AB_c-SNB_DCka5HyG30bimxGZXgSUoLQjzgxsg==
x-cache
Miss from cloudfront
web
onesignal.com/api/v1/sync/d407f0df-cb7c-4199-bb7c-6b040c2a15c9/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/d407f0df-cb7c-4199-bb7c-6b040c2a15c9/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a45c9bb5ddabc1414fd90305de874c493fe17c8b232da80d7d6dae16cda57616
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6aa6fcfc-7fb2-479c-b90a-696a694c1fc4
x-runtime
0.031612
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"a45c9bb5ddabc1414fd90305de874c49"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8a677302ec121e55-FRA
access-control-allow-headers
SDK-Version
expires
Sun, 21 Jul 2024 02:34:33 GMT
ingest.php
events.newsroom.bi/ 		50 B
861 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy07.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 21 Jul 2024 01:34:33 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.investigativepost.org
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2390
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8a677304bd261e55-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Tue, 20 Aug 2024 01:34:33 GMT
rfv.php
events.newsroom.bi/data/ 		27 B
480 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/data/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy07.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarydNqH5VQIuiormXS2

Response headers

date
Sun, 21 Jul 2024 01:34:33 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.investigativepost.org
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
icon
onesignal.com/api/v1/apps/d407f0df-cb7c-4199-bb7c-6b040c2a15c9/ 		254 B
798 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/d407f0df-cb7c-4199-bb7c-6b040c2a15c9/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022f14fe4050150847bd3a5fb1f9ff550dc7877bed7458a9131921a73dc08361
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 01:34:34 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
57a69fd8-ec2f-4235-bb10-b8c73e71fba9
x-runtime
0.015278
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"022f14fe4050150847bd3a5fb1f9ff55"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
8a6773075dea6933-FRA
access-control-allow-headers
SDK-Version
BUSfwvANTiKa2FJmhhGq_ipostnews.jpg
img.onesignal.com/permanent/7d848b58-a3e2-4842-9bd3-0318adeda1e2/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/7d848b58-a3e2-4842-9bd3-0318adeda1e2/BUSfwvANTiKa2FJmhhGq_ipostnews.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e2333dd5c4a425493b9d01609aff49b4f0cf7edb0c1934553b90922a3ca940
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Sun, 21 Jul 2024 01:34:34 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
REVALIDATED
cf-polished
degrade=85, origSize=6330, status=vary_header_present
x-guploader-uploadid
ACJd0NqBX5KGC7gKbaMDPEebqA9EjUHe98BY0Ax0dU3ws54Uyi7GySlbF82xA3fJIEA4AirzAiCsIe6rqA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
2141
pragma
no-cache
cf-bgj
imgq:85,h2pri
last-modified
Thu, 28 Sep 2023 18:42:11 GMT
server
cloudflare
etag
"-CP+wgdT6zYEDEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1695926531938431
content-type
image/jpeg
x-goog-hash
crc32c=+7MBYg==, md5=rVImKsG05Wa/OEz1jFXDrg==
cache-control
public, max-age=2678400
x-goog-stored-content-length
6330
accept-ranges
bytes
cf-ray
8a677307cf011e55-FRA
expires
Wed, 21 Aug 2024 01:34:34 GMT
ingest.php
events.newsroom.bi/ 		2 B
789 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.254.117 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy07.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 21 Jul 2024 01:34:35 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.investigativepost.org
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
favicon5.ico
www.investigativepost.org/wp/wp-content/uploads/2012/01/ 		49 KB
50 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp/wp-content/uploads/2012/01/favicon5.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
72d682e3ce5ce506deffe0ba98f77af717f993ac1a467c6406441c671c81810c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 01:34:35 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://www.investigativepost.org/wp-json/>; rel="https://api.w.org/"
x-xss-protection
1; mode=block
expires
Wed, 11 Jan 1984 05:00:00 GMT
favicon.png
www.investigativepost.org/wp-content/themes/html5blank/img/icons/ 		49 KB
49 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/themes/html5blank/img/icons/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
640fb297b968cd0a00a5422770723700c1cc247a0301028ff32034eea2f003ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 01:34:36 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://www.investigativepost.org/wp-json/>; rel="https://api.w.org/"
x-xss-protection
1; mode=block
expires
Wed, 11 Jan 1984 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D318683177615939%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fwww.investigativepost.org%252F%26rl%26if%3Dfalse%26ts%3D1721525671562%26sw%3D1600%26sh%3D1200%26v%3D2.9.162%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1721525671559.370255409113158218%26cs_est%3Dtrue%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1721525671384%26coo%3Dfalse%26rqm%3DFGET

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| dataLayer object| _gsScope number| uidEvent object| bootstrap function| jQuery function| ScrollMagic object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| gtag function| fbq function| _fbq function| powerpress_pinw function| hj object| _hjSettings string| ajaxurl string| views_url function| documentInitOneSignal function| OneSignal object| google_tag_manager object| google_tag_data object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled function| onYouTubeIframeAPIReady object| gaGlobal object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| gbWidgets object| litPropertyMetadata object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| iFrameResize function| iframeChildListener object| $mcSite object| mc function| $mcj object| fnames object| ftypes object| pollsL10n function| poll_vote function| poll_process function| poll_result function| poll_booth function| poll_process_success object| PopupBox_2 object| marfeel number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass object| googletag

16 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: ga1VWzQr3FPXRSDP_MmuAGqN.8DBTCi94nz8bgqPJHc-1721525671-1.0.1.1-o7wdSI.gnB8ThVzIE5g3SlgNKMeAPLttCTlyylAjKOoJpQxLN2wP2XVXVy91MpGEvA_yeQNoKMDm6rZCabZdDA
.adnxs.com/ Name: XANDR_PANID
Value: PyzOcrzR-dAq2dPaaRmjO6ZK80htYoaqLugnUZI8oZRxWdkkD5pwDOuaMs0eQdIGowvU6-Gbc3iJHSODNQxj3EeI1sFswtZugcSr_GOEUeA.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 1345450330654193676
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E>?lBjQc!]tbP6j2F-XstGt!@Dp<$v/hV
.investigativepost.org/ Name: _ga_TV3TKKV95J
Value: GS1.1.1721525671.1.0.1721525671.60.0.0
.investigativepost.org/ Name: _ga
Value: GA1.1.1196296088.1721525671
.investigativepost.org/ Name: _fbp
Value: fb.1.1721525671559.370255409113158218
.givebutter.com/ Name: __cf_bm
Value: qny49oV8SDgc5qlF3xoDsSEcDgaVmZFlq3z0yYDeeFc-1721525671-1.0.1.1-LavgZnMN907RUmtcu84om5o.iG.qFC8kwV6qBsZMGS.Xz5Clg5QSupE7RLGPM.QhC.V6Qyl_.KDkUlNSsz3Fkg
.investigativepost.org/ Name: _ga_9Z1F1NQ70H
Value: GS1.1.1721525671.1.0.1721525671.0.0.0
.investigativepost.org/ Name: _hjSessionUser_3643723
Value: eyJpZCI6ImE0MTY1ZmU5LTUyMTktNWUxMy04YzA4LTJmMmVkYTc2MDIyZSIsImNyZWF0ZWQiOjE3MjE1MjU2NzMzMDQsImV4aXN0aW5nIjpmYWxzZX0=
.investigativepost.org/ Name: _hjSession_3643723
Value: eyJpZCI6IjBhMzkyNzVkLTM1MmQtNDBjYi05YmZiLWM2YzM5ZTI5NTk2NCIsImMiOjE3MjE1MjU2NzMzMDgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.investigativepost.org/ Name: ___nrbic
Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1721525673%2C%22currentVisitStarted%22%3A1721525673%2C%22sessionId%22%3A%22b3dcf003-91b3-444c-9729-2d68fa43be82%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.investigativepost.org/%22%2C%22referrer%22%3A%22%22%7D
.investigativepost.org/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1721525673%2C%22userId%22%3A%2212a04549-28e4-47fa-9b52-5e3ca8c74a2e%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1721525673%2C%22timesVisited%22%3A1%7D
.investigativepost.org/ Name: compass_uid
Value: 12a04549-28e4-47fa-9b52-5e3ca8c74a2e
www.investigativepost.org/ Name: PHPSESSID
Value: 5abdd9dc4c30d202e582cac7fb283c7d

3 Console Messages

Source Level URL
Text
other warning URL: https://www.investigativepost.org/
Message:
The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.
network error URL: https://www.investigativepost.org/wp/wp-content/uploads/2012/01/favicon5.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.investigativepost.org/wp-content/themes/html5blank/img/icons/favicon.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-images.mailchimp.com
cdn.onesignal.com
chimpstatic.com
connect.facebook.net
events.newsroom.bi
fonts.googleapis.com
givebutter.com
img.onesignal.com
investigativepost.com
onesignal.com
region1.analytics.google.com
region1.google-analytics.com
s3.amazonaws.com
script.hotjar.com
sdk.mrf.io
secure.adnxs.com
static.hotjar.com
stats.g.doubleclick.net
vc.hotjar.io
widgets.givebutter.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.investigativepost.org
www.youtube-nocookie.com
www.facebook.com
www.youtube-nocookie.com
104.16.160.145
104.17.111.223
13.32.27.21
141.94.254.117
142.250.185.227
15.197.225.128
172.217.16.142
172.67.159.162
18.172.112.107
18.66.102.53
18.66.112.79
185.89.210.141
2001:4860:4802:32::36
23.67.131.235
2606:4700:10::6814:24da
2606:4700:10::ac43:209f
2a00:1450:4001:80e::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c1f::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.5.22.4
72.52.164.200
0222cfa0b9ade89be954ac5298b0ec90c7b02406952418b673061387ab1f3520
022f14fe4050150847bd3a5fb1f9ff550dc7877bed7458a9131921a73dc08361
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
1ac67b05556fbdc65aa3608d870760f070d76d103eda40726b16d79844389728
22e23f380bbe5cc16ff8778e46406ad4380fde378fe70f20a8c0f43bfd2c64d3
22f936869af8fadef2cc307c3f906ce0fe0b1d781a95d04f9fbfc14502c19b6b
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2b219faa00db8c6a5cfeb0cb9fff4c2102f535b9db149973d751df50239bf214
410f93ed697c705b2e74d43f77d721906602629d310e29248bdd018f299ced97
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
534a913039d46018814e8de168eef7c676fa6f49981a6bdba43db65c4d54667a
5883e7efce2f2f635eabad6906850ac83ac2236f675bc969ff508c2ad2c6e041
590f1b6e85d0d999a3134674324732b9998521cecca09146cad0ff09147f767e
5e0029ae2ede39230437136bb172fb8946f5b8c931c049485472d3a6fe490bd6
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
640fb297b968cd0a00a5422770723700c1cc247a0301028ff32034eea2f003ef
65fd587cb7e1739786169f34370a6cc28055b24d7aa29f5d3bbc7e368f805269
6931faf23e96176b1e6ae246cfd1f3d0c621e95cb6a1ef44d36ef99a771b5bac
70aad76ee6355f9960fac56851e1986dca70a50c1468229ffc5ad4c232fabfd4
72d682e3ce5ce506deffe0ba98f77af717f993ac1a467c6406441c671c81810c
787a4e34016fc54f36ddbca24149ed0cf0f7fc1393ca7cf23b555a818dd0a3a4
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7e02e6853ba51eba5d12b7b04208d030a1d115b96679ac3f03dc0f528ee09278
7f41df1f90b44d28185b69f70e170effff109bb3d8d4f616fc3d1965e81f8b0d
81e2333dd5c4a425493b9d01609aff49b4f0cf7edb0c1934553b90922a3ca940
82a6ce5be6e364cf4a82ec7be0e67028a3bed0c01c08ee2d1ddf2e4788d30514
8c4ad2663bdc21c51dc27f198c5e15ec17cd9533a1ecee730647ceb73d4ff3bf
8ea6992a69a092e9ef8e2acfef3cc3042c51234e560af5b5faf0f9282260e7ef
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe
a45c9bb5ddabc1414fd90305de874c493fe17c8b232da80d7d6dae16cda57616
a7cd40982d435cfaa9f6871d64b28b0c47961f4a053ba315434b93378cce6981
ae8e5a7a6a539aef99394e63436fe6bc13418f92047f757b667f7f4ec7add844
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
c28cd2f4b5010793b7e54f25f95261198bd995db864d202fd40c3dc6ae3302d6
c55bbb4b62795b35be7e169d7b69ffd770c9f89c56faeaf7add371f283d0b901
c80c3bafc87630abfec18f3b4c29131e0b759b4aa772c0e0a902397a79970631
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4427366f345127f5d52ccce36f0e8291bd2fc8127ca449c94a94569880489aa
e9f58f97fe02dd7d38ea19f9165864ada6f4f929e6c39d13c9a8630d31f5125f
ea2e4907062ac6bc822669fed6938ea9fe77d6526b82e01c36995e493b94988a
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ed8d8cdc08cfd23e4b0229b664de02aac709770bef075528902c64aef81d2ab6
ed9b9674d936f33fdae89cf25c9688790b4a0c4b8f98493fde00e3e1c247696f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629