urlscan.io logo urlscan.io
SecurityTrails logo

crooksandliars.com Open in urlscan Pro
150.238.37.130  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Effective URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Submission: On January 10 via manual from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 186 IPs in 15 countries across 152 domains to perform 982 HTTP transactions. The main IP is 150.238.37.130, located in United States and belongs to SOFTLAYER, US. The main domain is crooksandliars.com. The Cisco Umbrella rank of the primary domain is 236370.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 19th 2021. Valid for: a year.
This is the only time crooksandliars.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 150.238.37.130 36351 (SOFTLAYER)
5 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
8 104.19.133.78 13335 (CLOUDFLAR...)
1 15 2606:4700:303... 13335 (CLOUDFLAR...)
14 54.235.119.75 14618 (AMAZON-AES)
1 54.224.99.233 14618 (AMAZON-AES)
4 2a03:2880:f01... 32934 (FACEBOOK)
45 2606:2800:234... 15133 (EDGECAST)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 14 151.101.194.137 54113 (FASTLY)
4 35.190.74.49 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
6 150.238.37.138 36351 (SOFTLAYER)
23 18.189.50.229 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
11 2600:9000:223... 16509 (AMAZON-02)
2 104.20.229.67 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
31 142.250.184.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
22 172.66.42.247 13335 (CLOUDFLAR...)
1 34.120.253.250 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 4 2620:116:800d... 16509 (AMAZON-02)
11 151.139.128.11 20446 (HIGHWINDS3)
9 52.210.237.91 16509 (AMAZON-02)
1 5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
3 34.98.72.95 15169 (GOOGLE)
10 13 3.123.179.172 16509 (AMAZON-02)
2 54.149.4.149 16509 (AMAZON-02)
7 10 3.126.56.137 16509 (AMAZON-02)
3 54.36.109.183 16276 (OVH)
1 54.70.210.121 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
2 34.210.253.33 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
3 52.2.181.133 14618 (AMAZON-AES)
1 3.234.103.215 14618 (AMAZON-AES)
1 2600:9000:225... 16509 (AMAZON-02)
6 184.30.20.198 16625 (AKAMAI-AS)
4 151.101.129.194 54113 (FASTLY)
1 52.222.214.123 16509 (AMAZON-02)
1 178.250.0.165 44788 (ASN-CRITE...)
5 13 37.252.173.38 29990 (ASN-APPNEX)
1 52.29.163.83 16509 (AMAZON-02)
3 54.80.147.122 14618 (AMAZON-AES)
1 18.66.97.124 16509 (AMAZON-02)
8 18.66.109.174 16509 (AMAZON-02)
2 3.120.57.46 16509 (AMAZON-02)
10 34.149.20.76 15169 (GOOGLE)
4 8 216.52.2.39 30282 (AS-INAPCD...)
4 34.98.64.218 15169 (GOOGLE)
2 34 2.18.234.21 16625 (AKAMAI-AS)
4 18.157.246.64 16509 (AMAZON-02)
2 2602:803:c003... 26667 (RUBICONPR...)
2 213.19.147.42 3356 (LEVEL3)
7 151.101.66.137 54113 (FASTLY)
11 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
1 18.66.112.41 16509 (AMAZON-02)
1 18.66.112.29 16509 (AMAZON-02)
3 193.122.128.135 31898 (ORACLE-BM...)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
6 51.89.9.253 16276 (OVH)
3 104.16.68.69 13335 (CLOUDFLAR...)
1 2 147.75.61.140 54825 (PACKET)
20 54.77.47.243 16509 (AMAZON-02)
1 178.162.133.150 60781 (LEASEWEB-...)
1 184.31.84.150 16625 (AKAMAI-AS)
7 104.244.42.8 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.88 16509 (AMAZON-02)
1 104.111.219.144 16625 (AKAMAI-AS)
2 46.105.202.126 16276 (OVH)
12 52.72.173.84 14618 (AMAZON-AES)
9 2a00:1450:400... 15169 (GOOGLE)
5 67.202.105.32 32748 (STEADFAST)
5 5 185.64.190.79 62713 (AS-PUBMATIC)
3 7 198.47.127.20 62713 (AS-PUBMATIC)
6 6 213.19.147.45 3356 (LEVEL3)
6 14 52.223.40.198 16509 (AMAZON-02)
3 3 70.42.32.63 22075 (AS-OUTBRAIN)
3 178.162.133.149 60781 (LEASEWEB-...)
1 176.34.73.162 16509 (AMAZON-02)
1 174.137.133.49 27257 (WEBAIR-IN...)
3 3 34.254.166.91 16509 (AMAZON-02)
3 3 3.123.178.108 16509 (AMAZON-02)
2 38.27.122.101 174 (COGENT-174)
10 25 216.58.212.130 15169 (GOOGLE)
1 22 185.64.190.80 62713 (AS-PUBMATIC)
4 4 198.8.71.129 54312 (ROCKETFUEL)
6 67.202.105.21 32748 (STEADFAST)
23 34.117.4.53 15169 (GOOGLE)
6 2600:9000:236... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.35 16509 (AMAZON-02)
12 37.157.6.246 198622 (ADFORM)
2 185.170.61.205 27381 (CASALE-MEDIA)
6 2a00:1450:400... 15169 (GOOGLE)
3 18.159.247.85 16509 (AMAZON-02)
2 4 35.207.10.239 15169 (GOOGLE)
1 1 154.59.122.79 174 (COGENT-174)
3 6 209.54.180.3 16509 (AMAZON-02)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 52.210.109.111 16509 (AMAZON-02)
1 52.24.171.117 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
9 37.157.6.235 198622 (ADFORM)
2 6 52.30.14.23 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
26 2.18.235.40 16625 (AKAMAI-AS)
1 185.170.63.49 27381 (CASALE-MEDIA)
7 2a00:1450:400... 15169 (GOOGLE)
1 4 198.47.127.19 3257 (GTT-BACKB...)
2 5 37.157.3.28 198622 (ADFORM)
2 2 213.155.156.184 1299 (TWELVE99 ...)
1 178.250.0.163 44788 (ASN-CRITE...)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
5 9 151.101.66.49 54113 (FASTLY)
1 1 34.205.3.24 14618 (AMAZON-AES)
4 4 52.49.138.193 16509 (AMAZON-02)
1 185.86.138.144 201081 (SMARTADSE...)
1 1 23.88.75.187 24940 (HETZNER-AS)
1 1 94.23.73.243 16276 (OVH)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a04:4e42:200... 54113 (FASTLY)
1 151.101.129.44 54113 (FASTLY)
2 63.251.232.165 29791 (VOXEL-DOT...)
1 195.5.165.20 44968 (IPROM-AS)
8 8 185.29.132.241 30419 (MEDIAMATH...)
1 1 141.94.170.77 16276 (OVH)
1 20 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 169.50.137.182 36351 (SOFTLAYER)
2 4 2a05:d018:d29... 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 4 66.155.71.150 13768 (COGECO-PEER1)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.102.253.54 15169 (GOOGLE)
2 4 185.33.221.89 29990 (ASN-APPNEX)
2 199.212.255.247 25948 (FHMNET)
2 2606:4700:303... 13335 (CLOUDFLAR...)
38 2600:9000:225... 16509 (AMAZON-02)
4 18.195.155.181 16509 (AMAZON-02)
8 8 185.184.8.65 204995 (RTB-HOUSE...)
1 5 46.249.52.248 50673 (SERVERIUS-AS)
10 104.109.78.125 16625 (AKAMAI-AS)
2 151.101.65.108 54113 (FASTLY)
2 35.244.159.8 15169 (GOOGLE)
1 152.199.22.191 15133 (EDGECAST)
3 3 2.19.35.65 16625 (AKAMAI-AS)
2 104.17.120.107 13335 (CLOUDFLAR...)
2 2 34.199.172.6 14618 (AMAZON-AES)
1 1 74.214.196.131 19189 (PULSEPOINT)
2 2 8.2.111.137 46636 (NATCOWEB)
2 2 18.194.172.208 16509 (AMAZON-02)
1 34.200.142.247 14618 (AMAZON-AES)
2 2 51.178.20.139 16276 (OVH)
1 1 66.155.71.149 13768 (COGECO-PEER1)
3 5.178.65.253 50673 (SERVERIUS-AS)
2 35.227.252.103 15169 (GOOGLE)
4 8 3.225.222.206 14618 (AMAZON-AES)
1 3 168.119.146.39 24940 (HETZNER-AS)
1 2 18.213.10.151 14618 (AMAZON-AES)
3 2606:2800:134... 15133 (EDGECAST)
1 8.43.72.97 26667 (RUBICONPR...)
2 104.16.200.58 13335 (CLOUDFLAR...)
1 205.234.175.175 23352 (SERVERCEN...)
1 35.244.174.68 15169 (GOOGLE)
4 4 8.39.36.142 26667 (RUBICONPR...)
1 7 8.39.36.141 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 185.86.137.107 201081 (SMARTADSE...)
2 6 76.223.111.18 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
3 3 18.194.149.16 16509 (AMAZON-02)
2 2 52.213.153.198 16509 (AMAZON-02)
1 1 52.0.35.69 14618 (AMAZON-AES)
1 184.72.220.63 14618 (AMAZON-AES)
1 18.66.97.109 16509 (AMAZON-02)
7 2606:2800:134... 15133 (EDGECAST)
1 69.173.144.165 26667 (RUBICONPR...)
3 4 35.227.248.159 15169 (GOOGLE)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.102 24961 (MYLOC-AS ...)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.170.15.31 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 35.164.220.10 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 52.200.32.220 14618 (AMAZON-AES)
1 2 52.94.223.167 16509 (AMAZON-02)
1 2 104.111.215.191 16625 (AKAMAI-AS)
1 1 176.34.153.222 16509 (AMAZON-02)
2 38.91.45.7 398989 (DEEPINTENT)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 192.132.33.46 18568 (BIDTELLECT)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 52.22.106.223 14618 (AMAZON-AES)
1 1 34.102.163.6 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
7 52.70.120.137 14618 (AMAZON-AES)
1 51.158.28.83 12876 (Online SAS)
9 185.64.189.112 62713 (AS-PUBMATIC)
2 2606:4700::68... 13335 (CLOUDFLAR...)
20 2606:2800:233... 15133 (EDGECAST)
6 104.19.136.78 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 52.57.150.20 16509 (AMAZON-02)
2 75.2.13.80 16509 (AMAZON-02)
982 186
24    150.238.37.130 (United States)

ASN36351 (SOFTLAYER, US)
PTR: sam.crooksandliars.com
crooksandliars.com
blueamerica.crooksandliars.com
5    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
15    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
15    2606:4700:3035::ac43:b142 (United States)

ASN13335 (CLOUDFLARENET, US)
comments.yappaapp.com
embed.yappaapp.com
conversations.yappaapp.com
14    54.235.119.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-119-75.compute-1.amazonaws.com
soapps.net
1    54.224.99.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-99-233.compute-1.amazonaws.com
static.newsmaxfeednetwork.com
4    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
45    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
14    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
img.connatix.com
4    35.190.74.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.74.190.35.bc.googleusercontent.com
glisteningguide.com
1    2600:9000:223f:5200:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
6    150.238.37.138 (United States)

ASN36351 (SOFTLAYER, US)
PTR: dean.crooksandliars.com
embed.crooksandliars.com
media.crooksandliars.com
23    18.189.50.229 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-50-229.us-east-2.compute.amazonaws.com
capi.connatix.com
14    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
11    2600:9000:223c:c000:6:6801:f140:93a1 (United States)

ASN16509 (AMAZON-02, US)
prod-static.yappaapp.com
2    104.20.229.67 (None, )

ASN13335 (CLOUDFLARENET, US)
statcounter.com
c.statcounter.com
9    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
31    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
15    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
22    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3042.infolinks.com
1    34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
4    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
11    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.newsmaxwidget.com
assets.revcontent.com
images.newsmaxwidget.com
9    52.210.237.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-237-91.eu-west-1.compute.amazonaws.com
trends.newsmaxwidget.com
5    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2600:9000:223d:3800:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
product.instiengage.com
auth.instiengage.com
1    2600:9000:223f:ba00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
3    34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
13    3.123.179.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-179-172.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    54.149.4.149 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-4-149.us-west-2.compute.amazonaws.com
usync.proper.io
10    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    54.36.109.183 (France)

ASN16276 (OVH, FR)
PTR: p08.id5-sync.com
id5-sync.com
1    54.70.210.121 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-210-121.us-west-2.compute.amazonaws.com
id.sharedid.org
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    34.210.253.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-253-33.us-west-2.compute.amazonaws.com
bids.proper.io
1    2600:9000:223f:6600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    52.2.181.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-181-133.compute-1.amazonaws.com
geoip.insticator.com
event.insticator.com
1    3.234.103.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-103-215.compute-1.amazonaws.com
b2c.insticator.com
1    2600:9000:2251:3e00:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
6    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    52.222.214.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-123.fra56.r.cloudfront.net
get.s-onetag.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
13    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    52.29.163.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-163-83.eu-central-1.compute.amazonaws.com
tlx.3lift.com
3    54.80.147.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-147-122.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
1    18.66.97.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-124.fra56.r.cloudfront.net
hb.undertone.com
8    18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    3.120.57.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
10    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
8    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
propermedia-d.openx.net
insticator-d.openx.net
u.openx.net
us-u.openx.net
34    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
js-sec.indexww.com
dsum.casalemedia.com
ssum.casalemedia.com
4    18.157.246.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
7    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
vid.connatix.com
ins.connatix.com
11    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    18.66.112.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-29.fra56.r.cloudfront.net
signal-beacon.s-onetag.com
3    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
insticator.technoratimedia.com
sync.technoratimedia.com
8    2606:4700:10::6816:b7 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
6    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
3    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
2    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
20    54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
7    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    13.32.99.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-88.fra60.r.cloudfront.net
ats.rlcdn.com
1    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
12    52.72.173.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-173-84.compute-1.amazonaws.com
eua.instiengage.com
event.instiengage.com
geoip.instiengage.com
cms.instiengage.com
9    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
5    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
7    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
6    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
14    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    176.34.73.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-73-162.eu-west-1.compute.amazonaws.com
s.cpx.to
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
3    34.254.166.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-166-91.eu-west-1.compute.amazonaws.com
ad.360yield.com
3    3.123.178.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-178-108.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    38.27.122.101 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
25    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
cm.g.doubleclick.net
22    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
4    198.8.71.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
6    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
23    34.117.4.53 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 53.4.117.34.bc.googleusercontent.com
api.bounceexchange.com
events.bouncex.net
6    2600:9000:236e:3400:1a:5302:20c0:21 (United States)

ASN16509 (AMAZON-02, US)
dh014lg6uwepv.cloudfront.net
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
2    13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net
geo.privacymanager.io
12    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    185.170.61.205 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a5264.casalemedia.com
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    18.159.247.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-247-85.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
4    35.207.10.239 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 239.10.207.35.bc.googleusercontent.com
ssp.behave.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
6    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    52.210.109.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-109-111.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.24.171.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-171-117.us-west-2.compute.amazonaws.com
dmp.brand-display.com
5    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
17    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
6    52.30.14.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
26    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    185.170.63.49 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a4337.casalemedia.com
7    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
5    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    213.155.156.184 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
9    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.205.3.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-3-24.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    52.49.138.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-138-193.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    23.88.75.187 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.187.75.88.23.clients.your-server.de
csync.loopme.me
1    94.23.73.243 (Lisbon, Portugal)

ASN16276 (OVH, FR)
PTR: ip243.ip-94-23-73.eu
green.erne.co
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
2    63.251.232.165 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
8    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-6.cloudy.ovh
pixel.onaudience.com
20    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
4    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
4    2a05:d018:d29:3602:74fc:7750:9e36:ae36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
casale-match.dotomi.com
dclk-match.dotomi.com
4    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
4    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    199.212.255.247 (Canada)

ASN25948 (FHMNET, CA)
node221.impressionssl.adshop.infolinks.com
2    2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
38    2600:9000:225e:1200:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.instiengage.com
4    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
8    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
5    46.249.52.248 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
sync.e-planning.net
u-ams02.e-planning.net
10    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
3    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    34.199.172.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-172-6.compute-1.amazonaws.com
sync.ipredictive.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    8.2.111.137 (United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    18.194.172.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-172-208.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    34.200.142.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-142-247.compute-1.amazonaws.com
b2c.instiengage.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
3    5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
8    3.225.222.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-222-206.compute-1.amazonaws.com
a.audrte.com
3    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
2    18.213.10.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com
um2.eqads.com
3    2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    104.16.200.58 (None, )

ASN13335 (CLOUDFLARENET, US)
pixel.yabidos.com
1    205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
7    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
6    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2600:9000:223c:7400:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
3    18.194.149.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-149-16.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    52.213.153.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-153-198.eu-west-1.compute.amazonaws.com
d.adroll.com
1    52.0.35.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-35-69.compute-1.amazonaws.com
nep.advangelists.com
1    184.72.220.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-220-63.compute-1.amazonaws.com
rtb.adentifi.com
1    18.66.97.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-109.fra56.r.cloudfront.net
tags.crwdcntrl.net
7    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
pbs.twimg.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    2600:1f18:6593:f602:8bd3:480b:a39:d536 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b002:6973:f435:affb:5901 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Milan, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.102 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.170.15.31 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-15-31.eu-west-2.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.164.220.10 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-220-10.us-west-2.compute.amazonaws.com
beacon.krxd.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    52.200.32.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-32-220.compute-1.amazonaws.com
usermatch.krxd.net
2    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    176.34.153.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-153-222.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    52.22.106.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-106-223.compute-1.amazonaws.com
sync.extend.tv
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
7    52.70.120.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-120-137.compute-1.amazonaws.com
usr.undertone.com
1    51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-83.rev.poneytelecom.eu
js.cookieless-data.com
9    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    2606:4700::6810:76c3 (United States)

ASN13335 (CLOUDFLARENET, US)
pre.glotgrx.com
20    2606:2800:233:1ab3:789:1032:20e3:21 (United States)

ASN15133 (EDGECAST, US)
video.twimg.com
6    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    2606:4700:3034::6815:4466 (United States)

ASN13335 (CLOUDFLARENET, US)
images.getadmiral.com
2    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    75.2.13.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
Apex Domain
Subdomains		 Transfer
65 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175
cm.g.doubleclick.net — Cisco Umbrella Rank: 169
pubads.g.doubleclick.net — Cisco Umbrella Rank: 490
272 KB
55 instiengage.com
product.instiengage.com — Cisco Umbrella Rank: 19487
auth.instiengage.com — Cisco Umbrella Rank: 16562
eua.instiengage.com — Cisco Umbrella Rank: 19399
event.instiengage.com — Cisco Umbrella Rank: 22565
geoip.instiengage.com — Cisco Umbrella Rank: 24198
static.instiengage.com — Cisco Umbrella Rank: 20288
b2c.instiengage.com — Cisco Umbrella Rank: 28677
cms.instiengage.com — Cisco Umbrella Rank: 28839
2 MB
54 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 446
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 448 Failed
image8.pubmatic.com — Cisco Umbrella Rank: 542
image4.pubmatic.com — Cisco Umbrella Rank: 741
image2.pubmatic.com — Cisco Umbrella Rank: 862
image6.pubmatic.com — Cisco Umbrella Rank: 531
simage2.pubmatic.com — Cisco Umbrella Rank: 481
simage4.pubmatic.com — Cisco Umbrella Rank: 967
aud.pubmatic.com — Cisco Umbrella Rank: 3421
175 KB
52 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 546
syndication.twitter.com — Cisco Umbrella Rank: 767
1 MB
44 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 2965
cds.connatix.com — Cisco Umbrella Rank: 3049
capi.connatix.com — Cisco Umbrella Rank: 2534
vid.connatix.com — Cisco Umbrella Rank: 3514
img.connatix.com — Cisco Umbrella Rank: 3559
ins.connatix.com — Cisco Umbrella Rank: 12435
1 MB
35 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1062
htlb.casalemedia.com — Cisco Umbrella Rank: 437
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
a5264.casalemedia.com — Cisco Umbrella Rank: 599991
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
a4337.casalemedia.com — Cisco Umbrella Rank: 277266
dsum.casalemedia.com — Cisco Umbrella Rank: 1048
ssum.casalemedia.com — Cisco Umbrella Rank: 1052
46 KB
34 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
508 KB
30 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1340
pbs.twimg.com — Cisco Umbrella Rank: 691
video.twimg.com — Cisco Umbrella Rank: 1544
1 MB
30 crooksandliars.com
crooksandliars.com — Cisco Umbrella Rank: 236370
embed.crooksandliars.com — Cisco Umbrella Rank: 723908
blueamerica.crooksandliars.com — Cisco Umbrella Rank: 726523
media.crooksandliars.com — Cisco Umbrella Rank: 721444 Failed
741 KB
28 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 442
eus.rubiconproject.com — Cisco Umbrella Rank: 503
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 906
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 922
token.rubiconproject.com — Cisco Umbrella Rank: 583
pixel.rubiconproject.com — Cisco Umbrella Rank: 270
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2071
61 KB
26 moatads.com
z.moatads.com — Cisco Umbrella Rank: 348
px.moatads.com — Cisco Umbrella Rank: 393
108 KB
26 adform.net
track.adform.net — Cisco Umbrella Rank: 3624
s1.adform.net — Cisco Umbrella Rank: 7427
c1.adform.net — Cisco Umbrella Rank: 524
dmp.adform.net — Cisco Umbrella Rank: 1949
255 KB
26 yappaapp.com
comments.yappaapp.com — Cisco Umbrella Rank: 71967
embed.yappaapp.com — Cisco Umbrella Rank: 74720
prod-static.yappaapp.com — Cisco Umbrella Rank: 73521
conversations.yappaapp.com — Cisco Umbrella Rank: 83617
486 KB
24 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 7224
router.infolinks.com — Cisco Umbrella Rank: 2418
rt3042.infolinks.com — Cisco Umbrella Rank: 97981
node221.impressionssl.adshop.infolinks.com — Cisco Umbrella Rank: 299106
524 KB
22 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 1769
2 KB
20 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1092
mwzeom.zeotap.com — Cisco Umbrella Rank: 1443
6 KB
20 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1427
rtb.gumgum.com — Cisco Umbrella Rank: 995
12 KB
20 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 427
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 MB
20 google.com
adservice.google.com — Cisco Umbrella Rank: 69
www.google.com — Cisco Umbrella Rank: 8
3 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 351
acdn.adnxs.com — Cisco Umbrella Rank: 534
34 KB
18 newsmaxwidget.com
assets.newsmaxwidget.com — Cisco Umbrella Rank: 42263
trends.newsmaxwidget.com — Cisco Umbrella Rank: 40972
images.newsmaxwidget.com — Cisco Umbrella Rank: 49372
128 KB
16 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1506
ssc-cms.33across.com — Cisco Umbrella Rank: 826
2 KB
16 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 272
s.amazon-adsystem.com — Cisco Umbrella Rank: 263
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1384
88 KB
16 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 249
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 404
ads.yahoo.com — Cisco Umbrella Rank: 722
cms.analytics.yahoo.com — Cisco Umbrella Rank: 775
8 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
5 KB
14 soapps.net
soapps.net — Cisco Umbrella Rank: 24217
1 MB
14 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7907
c.mgid.com — Cisco Umbrella Rank: 5816
cdn.mgid.com — Cisco Umbrella Rank: 10239
servicer.mgid.com — Cisco Umbrella Rank: 8010
s-img.mgid.com — Cisco Umbrella Rank: 6938
cm.mgid.com — Cisco Umbrella Rank: 1447
176 KB
13 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 254
5 KB
12 google.de
adservice.google.de — Cisco Umbrella Rank: 8579
www.google.de — Cisco Umbrella Rank: 6151
2 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
369 KB
9 e-planning.net
sync.e-planning.net — Cisco Umbrella Rank: 4327
u-ams02.e-planning.net — Cisco Umbrella Rank: 47537
s.e-planning.net — Cisco Umbrella Rank: 4980
i.e-planning.net — Cisco Umbrella Rank: 124557
18 KB
9 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 372
pixel.mathtag.com — Cisco Umbrella Rank: 1039
5 KB
9 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
2 KB
9 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3552
cdn.undertone.com — Cisco Umbrella Rank: 6180
usr.undertone.com — Cisco Umbrella Rank: 3511
5 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
59 KB
8 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2824
6 KB
8 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 666
3 KB
8 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 13176
1 KB
8 openx.net
propermedia-d.openx.net — Cisco Umbrella Rank: 12288
insticator-d.openx.net — Cisco Umbrella Rank: 14111
u.openx.net — Cisco Umbrella Rank: 639
rtb.openx.net — Cisco Umbrella Rank: 1154
us-u.openx.net — Cisco Umbrella Rank: 316
1 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 609
4 KB
8 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
115 KB
7 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1697
tags.crwdcntrl.net — Cisco Umbrella Rank: 1395
bcp.crwdcntrl.net — Cisco Umbrella Rank: 538
sync.crwdcntrl.net — Cisco Umbrella Rank: 641
15 KB
7 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 569
eb2.3lift.com — Cisco Umbrella Rank: 355
3 KB
7 proper.io
global.proper.io — Cisco Umbrella Rank: 10106
usync.proper.io — Cisco Umbrella Rank: 4893
bids.proper.io — Cisco Umbrella Rank: 10647
eb.proper.io — Cisco Umbrella Rank: 11601
113 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151
221 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 888
4 KB
6 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1243
sync.1rx.io — Cisco Umbrella Rank: 464
3 KB
6 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1720
cs.emxdgt.com — Cisco Umbrella Rank: 809
321 B
6 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 693
gum.criteo.com — Cisco Umbrella Rank: 339
mug.criteo.com — Cisco Umbrella Rank: 3226
dis.criteo.com — Cisco Umbrella Rank: 574
2 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 547
pixel.sitescout.com — Cisco Umbrella Rank: 2742
1 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 347
103 KB
5 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1127
1 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3312
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 3801
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 3921
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 2789
signal-metrics-collector-beta.s-onetag.com — Cisco Umbrella Rank: 2717
17 KB
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 545
cdn.id5-sync.com — Cisco Umbrella Rank: 1650
23 KB
5 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 2086
assets.bounceexchange.com — Cisco Umbrella Rank: 1909
api.bounceexchange.com — Cisco Umbrella Rank: 2686
213 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
209 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 369
2 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 631
2 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 450
2 KB
4 behave.com
ssp.behave.com — Cisco Umbrella Rank: 2614
2 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 606
3 KB
4 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1599
sync.go.sonobi.com — Cisco Umbrella Rank: 832
2 KB
4 technoratimedia.com
insticator.technoratimedia.com — Cisco Umbrella Rank: 15767
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 3937
sync.technoratimedia.com — Cisco Umbrella Rank: 989
7 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1222
461 B
4 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1481
202 KB
4 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 17251
b2c.insticator.com — Cisco Umbrella Rank: 14412
event.insticator.com — Cisco Umbrella Rank: 13913
3 KB
4 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 730
ats.rlcdn.com — Cisco Umbrella Rank: 1401
id.rlcdn.com — Cisco Umbrella Rank: 656
75 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 864
pixel.quantserve.com — Cisco Umbrella Rank: 380
11 KB
4 glisteningguide.com
glisteningguide.com — Cisco Umbrella Rank: 449679
50 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
196 KB
4 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 2844
onesignal.com — Cisco Umbrella Rank: 1221
82 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 770
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 356
usermatch.krxd.net — Cisco Umbrella Rank: 896
942 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 712
2 KB
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1830
743 B
3 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 586
2 KB
3 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2366
casale-match.dotomi.com — Cisco Umbrella Rank: 2138
dclk-match.dotomi.com — Cisco Umbrella Rank: 2256
393 B
3 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 523
match.taboola.com — Cisco Umbrella Rank: 1738
730 B
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
2 KB
3 ad4m.at
ad4m.at — Cisco Umbrella Rank: 1612
910 B
3 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1757
1 KB
3 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 293
1 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 620
844 B
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 533
877 B
3 districtm.io
dmx.districtm.io — Cisco Umbrella Rank: 1247
cdn.districtm.io — Cisco Umbrella Rank: 1795
321 B
3 mantisadnetwork.com
mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 10765
ecs.mantisadnetwork.com — Cisco Umbrella Rank: 19753
973 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 769
2 KB
2 glotgrx.com
pre.glotgrx.com — Cisco Umbrella Rank: 5876
392 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1012
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 2978
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 771
83 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 402
650 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25120
674 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 982
791 B
2 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1320
223 B
2 yabidos.com
pixel.yabidos.com — Cisco Umbrella Rank: 6044
25 KB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 2594
563 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1014
850 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 1984
1 KB
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1882
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 894
950 B
2 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2291
2 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 844
85 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 649
943 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1205
816 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 678
s.tribalfusion.com — Cisco Umbrella Rank: 1925
1 KB
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1138
238 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1537
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4740
637 B
2 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 5320
14 KB
2 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1551
1 KB
2 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1270
228 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 734
1010 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 245
33 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1027
603 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 88
425 B
2 statcounter.com
statcounter.com — Cisco Umbrella Rank: 6784
c.statcounter.com — Cisco Umbrella Rank: 7189
14 KB
1 getadmiral.com
images.getadmiral.com — Cisco Umbrella Rank: 82560
10 KB
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 4716
535 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 239
593 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 433
705 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 1683
218 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1445
546 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 644
380 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 155882
215 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 739
324 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 371
382 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 19774
334 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 119601
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7330
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 8893
411 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 910
88 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 1719
232 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 528
374 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 2661
466 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2042
534 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1264
400 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 4437
279 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 11486
324 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 877
218 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 763
646 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1461
261 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 916
529 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 3230
233 B
1 cpx.to
s.cpx.to — Cisco Umbrella Rank: 1805
944 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 2516
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 822
2 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 4035
216 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 526
481 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 745
647 B
1 newsmaxfeednetwork.com
static.newsmaxfeednetwork.com — Cisco Umbrella Rank: 40835
2 KB
0 adotmob.com Failed
sync.adotmob.com Failed
982 152
Domain Requested by
45 platform.twitter.com crooksandliars.com
platform.twitter.com
38 static.instiengage.com crooksandliars.com
soapps.net
25 px.moatads.com crooksandliars.com
25 cm.g.doubleclick.net 10 redirects ssum-sec.casalemedia.com
df80k0z3fi8zg.cloudfront.net
crooksandliars.com
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
eb2.3lift.com
bcp.crwdcntrl.net
23 capi.connatix.com crooksandliars.com
cd.connatix.com
22 events.bouncex.net crooksandliars.com
21 crooksandliars.com 1 redirects crooksandliars.com
20 video.twimg.com platform.twitter.com
18 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
crooksandliars.com
www.googletagservices.com
17 tpc.googlesyndication.com crooksandliars.com
googleads.g.doubleclick.net
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
16 mwzeom.zeotap.com ads.pubmatic.com
spl.zeotap.com
sync.e-planning.net
16 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
ssum.casalemedia.com
15 simage2.pubmatic.com ads.pubmatic.com
15 router.infolinks.com resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
15 adservice.google.com pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
15 pagead2.googlesyndication.com crooksandliars.com
pagead2.googlesyndication.com
srcdoc
www.googletagservices.com
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
14 rtb.gumgum.com ads.pubmatic.com
df80k0z3fi8zg.cloudfront.net
crooksandliars.com
14 match.adsrvr.org 6 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
df80k0z3fi8zg.cloudfront.net
eb2.3lift.com
bcp.crwdcntrl.net
14 soapps.net crooksandliars.com
soapps.net
d3lcz8vpax4lo2.cloudfront.net
13 ib.adnxs.com 5 redirects global.proper.io
df80k0z3fi8zg.cloudfront.net
acdn.adnxs.com
spl.zeotap.com
13 x.bidswitch.net 10 redirects crooksandliars.com
ssum.casalemedia.com
eb2.3lift.com
12 pubads.g.doubleclick.net imasdk.googleapis.com
12 track.adform.net crooksandliars.com
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
s1.adform.net
11 imasdk.googleapis.com cd.connatix.com
embed.crooksandliars.com
imasdk.googleapis.com
resources.infolinks.com
11 prod-static.yappaapp.com comments.yappaapp.com
prod-static.yappaapp.com
conversations.yappaapp.com
10 eus.rubiconproject.com df80k0z3fi8zg.cloudfront.net
global.proper.io
eus.rubiconproject.com
sync.e-planning.net
cdn.undertone.com
10 conversations.yappaapp.com comments.yappaapp.com
conversations.yappaapp.com
10 ssc.33across.com global.proper.io
df80k0z3fi8zg.cloudfront.net
10 ups.analytics.yahoo.com 7 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
9 sync-tm.everesttech.net 5 redirects df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
9 s1.adform.net crooksandliars.com
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
9 fonts.googleapis.com embed.crooksandliars.com
googleads.g.doubleclick.net
client
soapps.net
9 hbopenbid.pubmatic.com global.proper.io
api.bounceexchange.com
9 trends.newsmaxwidget.com crooksandliars.com
assets.newsmaxwidget.com
9 adservice.google.de pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
conversations.yappaapp.com
8 a.audrte.com 4 redirects sync.e-planning.net
ads.pubmatic.com
a.audrte.com
crooksandliars.com
8 creativecdn.com 8 redirects
8 event.instiengage.com product.instiengage.com
soapps.net
8 sync.mathtag.com 8 redirects
8 images.newsmaxwidget.com crooksandliars.com
8 ex.ingage.tech df80k0z3fi8zg.cloudfront.net
crooksandliars.com
ssum-sec.casalemedia.com
sync.e-planning.net
8 img.connatix.com crooksandliars.com
8 ap.lijit.com 4 redirects global.proper.io
df80k0z3fi8zg.cloudfront.net
8 c.amazon-adsystem.com global.proper.io
srcdoc
c.amazon-adsystem.com
7 usr.undertone.com cdn.undertone.com
7 pbs.twimg.com crooksandliars.com
platform.twitter.com
7 pixel.rubiconproject.com 1 redirects crooksandliars.com
cdn.undertone.com
eus.rubiconproject.com
7 fonts.gstatic.com fonts.googleapis.com
soapps.net
7 image2.pubmatic.com 1 redirects ads.pubmatic.com
7 syndication.twitter.com platform.twitter.com
crooksandliars.com
7 as-sec.casalemedia.com global.proper.io
api.bounceexchange.com
6 s-img.mgid.com crooksandliars.com
6 eb2.3lift.com 2 redirects global.proper.io
eb2.3lift.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
eb2.3lift.com
6 www.googletagservices.com crooksandliars.com
googleads.g.doubleclick.net
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
6 dh014lg6uwepv.cloudfront.net crooksandliars.com
6 ssc-cms.33across.com router.infolinks.com
df80k0z3fi8zg.cloudfront.net
6 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
df80k0z3fi8zg.cloudfront.net
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
js-sec.indexww.com
cdn.undertone.com
6 g2.gumgum.com df80k0z3fi8zg.cloudfront.net
6 onetag-sys.com df80k0z3fi8zg.cloudfront.net
router.infolinks.com
crooksandliars.com
sync.e-planning.net
6 vid.connatix.com cd.connatix.com
6 ads.pubmatic.com d3lcz8vpax4lo2.cloudfront.net
assets.newsmaxwidget.com
assets.bounceexchange.com
ads.pubmatic.com
global.proper.io
sync.e-planning.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
crooksandliars.com
5 cdn.ampproject.org confiant-integrations.global.ssl.fastly.net
5 image4.pubmatic.com 3 redirects ads.pubmatic.com
5 image8.pubmatic.com 5 redirects
5 de.tynt.com router.infolinks.com
global.proper.io
5 www.google.com 1 redirects crooksandliars.com
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
5 embed.crooksandliars.com crooksandliars.com
embed.crooksandliars.com
5 www.googletagmanager.com crooksandliars.com
www.googletagmanager.com
embed.crooksandliars.com
conversations.yappaapp.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 token.rubiconproject.com 4 redirects
4 cs.emxdgt.com df80k0z3fi8zg.cloudfront.net
4 secure.adnxs.com 2 redirects ssum-sec.casalemedia.com
acdn.adnxs.com
4 pixel-sync.sitescout.com 3 redirects bcp.crwdcntrl.net
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 um.simpli.fi 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 spl.zeotap.com 1 redirects sync.e-planning.net
spl.zeotap.com
4 match.prod.bidr.io 4 redirects
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
spl.zeotap.com
4 www.gstatic.com googleads.g.doubleclick.net
4 ssp.behave.com 2 redirects crooksandliars.com
api.bounceexchange.com
4 p.rfihub.com 4 redirects
4 sync.1rx.io 4 redirects
4 btlr.sharethrough.com global.proper.io
4 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
crooksandliars.com
4 stats.g.doubleclick.net www.google-analytics.com
4 resources.infolinks.com crooksandliars.com
resources.infolinks.com
4 glisteningguide.com crooksandliars.com
glisteningguide.com
4 cds.connatix.com crooksandliars.com
cd.connatix.com
4 connect.facebook.net crooksandliars.com
connect.facebook.net
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 pm.w55c.net 3 redirects
3 cdn.syndication.twimg.com platform.twitter.com
3 sync.richaudience.com 1 redirects sync.e-planning.net
spl.zeotap.com
3 s.e-planning.net sync.e-planning.net
3 u-ams02.e-planning.net sync.e-planning.net
ssum.casalemedia.com
3 secure-assets.rubiconproject.com 3 redirects
3 js-sec.indexww.com df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
3 c1.adform.net 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
3 dpm.demdex.net 2 redirects ssum-sec.casalemedia.com
3 ad4m.at ssum-sec.casalemedia.com
ads.pubmatic.com
3 protected-by.clarium.io crooksandliars.com
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
3 pixel.advertising.com 3 redirects
3 ad.360yield.com 3 redirects
3 sync.go.sonobi.com router.infolinks.com
crooksandliars.com
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
3 b1sync.zemanta.com 3 redirects
3 u.openx.net router.infolinks.com
df80k0z3fi8zg.cloudfront.net
global.proper.io
3 rt3042.infolinks.com resources.infolinks.com
crooksandliars.com
3 pixel.quantserve.com 2 redirects crooksandliars.com
3 id5-sync.com global.proper.io
ads.pubmatic.com
crooksandliars.com
3 assets.bounceexchange.com tag.bounceexchange.com
assets.bounceexchange.com
3 www.google.de crooksandliars.com
3 blueamerica.crooksandliars.com crooksandliars.com
3 comments.yappaapp.com 1 redirects conversations.yappaapp.com
2 sync.crwdcntrl.net bcp.crwdcntrl.net
2 ps.eyeota.net crooksandliars.com
2 cm.mgid.com jsc.mgid.com
2 pre.glotgrx.com crooksandliars.com
2 cdn.mgid.com crooksandliars.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 match.deepintent.com ads.pubmatic.com
ssum.casalemedia.com
2 tags.bluekai.com 1 redirects bcp.crwdcntrl.net
2 aax-eu.amazon-adsystem.com 1 redirects sync.e-planning.net
2 beacon.krxd.net spl.zeotap.com
sync.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 d.adroll.com 2 redirects
2 pixel.yabidos.com mantodea.mantisadnetwork.com
pixel.yabidos.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 simage4.pubmatic.com ads.pubmatic.com
2 rtb.openx.net sync.e-planning.net
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
2 gu.dyntrk.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 cs.admanmedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 biddr.brealtime.com df80k0z3fi8zg.cloudfront.net
global.proper.io
2 acdn.adnxs.com df80k0z3fi8zg.cloudfront.net
global.proper.io
2 sync.e-planning.net 1 redirects df80k0z3fi8zg.cloudfront.net
2 use.fontawesome.com client
use.fontawesome.com
2 node221.impressionssl.adshop.infolinks.com crooksandliars.com
2 ad.turn.com 2 redirects
2 cm.adgrx.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 trc.taboola.com 1 redirects spl.zeotap.com
2 dsp.adfarm1.adition.com 2 redirects
2 d5p.de17a.com 2 redirects
2 a5264.casalemedia.com crooksandliars.com
2 assets.revcontent.com assets.newsmaxwidget.com
2 geo.privacymanager.io ats.rlcdn.com
2 d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
2 match.bnmla.com router.infolinks.com
ads.pubmatic.com
2 sync.targeting.unrulymedia.com 2 redirects
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 eua.instiengage.com auth.instiengage.com
2 cdn.id5-sync.com crooksandliars.com
2 ats.rlcdn.com crooksandliars.com
2 s0.2mdn.net imasdk.googleapis.com
2 prebid.a-mo.net 1 redirects df80k0z3fi8zg.cloudfront.net
2 dmx.districtm.io df80k0z3fi8zg.cloudfront.net
2 insticator.technoratimedia.com df80k0z3fi8zg.cloudfront.net
2 mug.criteo.com crooksandliars.com
2 gum.criteo.com 1 redirects
2 tag.1rx.io global.proper.io
df80k0z3fi8zg.cloudfront.net
2 fastlane.rubiconproject.com global.proper.io
df80k0z3fi8zg.cloudfront.net
2 hb.emxdgt.com global.proper.io
df80k0z3fi8zg.cloudfront.net
2 mantodea.mantisadnetwork.com global.proper.io
2 auth.instiengage.com d3lcz8vpax4lo2.cloudfront.net
auth.instiengage.com
2 bids.proper.io global.proper.io
2 usync.proper.io crooksandliars.com
2 product.instiengage.com soapps.net
d3lcz8vpax4lo2.cloudfront.net
2 www.facebook.com crooksandliars.com
2 onesignal.com cdn.onesignal.com
2 cd.connatix.com 2 redirects
2 global.proper.io crooksandliars.com
global.proper.io
2 embed.yappaapp.com crooksandliars.com
comments.yappaapp.com
2 jsc.mgid.com crooksandliars.com
jsc.mgid.com
2 cdn.onesignal.com crooksandliars.com
cdn.onesignal.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 images.getadmiral.com crooksandliars.com
1 servicer.mgid.com jsc.mgid.com
1 js.cookieless-data.com s.e-planning.net
1 us-u.openx.net cdn.undertone.com
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 sync.extend.tv 1 redirects
1 bttrack.com ssum.casalemedia.com
1 aud.pubmatic.com ads.pubmatic.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 c.mgid.com jsc.mgid.com
1 tags.crwdcntrl.net s.e-planning.net
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 nep.advangelists.com 1 redirects
1 cdn.undertone.com global.proper.io
1 cms.instiengage.com product.instiengage.com
1 ssbsync.smartadserver.com d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
1 dclk-match.dotomi.com d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
1 ads.yahoo.com crooksandliars.com
1 id.rlcdn.com crooksandliars.com
1 i.e-planning.net sync.e-planning.net
1 ssum.casalemedia.com sync.e-planning.net
1 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 pixel.sitescout.com 1 redirects
1 b2c.instiengage.com product.instiengage.com
1 sync.technoratimedia.com crooksandliars.com
1 bh.contextweb.com 1 redirects
1 cdn.districtm.io df80k0z3fi8zg.cloudfront.net
1 ad-cdn.technoratimedia.com df80k0z3fi8zg.cloudfront.net
1 geoip.instiengage.com product.instiengage.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 media.crooksandliars.com crooksandliars.com
1 a4337.casalemedia.com d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
1 z.moatads.com assets.newsmaxwidget.com
1 id.crwdcntrl.net ads.pubmatic.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 ums.acuityplatform.com 1 redirects
1 api.bounceexchange.com assets.bounceexchange.com
1 dsp.adkernel.com router.infolinks.com
1 s.cpx.to router.infolinks.com
1 eb.proper.io global.proper.io
1 secure.cdn.fastclick.net crooksandliars.com
1 ins.connatix.com cd.connatix.com
1 htlb.casalemedia.com df80k0z3fi8zg.cloudfront.net
1 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
1 insticator-d.openx.net df80k0z3fi8zg.cloudfront.net
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 propermedia-d.openx.net global.proper.io
1 hb.undertone.com global.proper.io
1 tlx.3lift.com global.proper.io
1 bidder.criteo.com global.proper.io
1 get.s-onetag.com d3lcz8vpax4lo2.cloudfront.net
1 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
1 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 rules.quantcount.com secure.quantserve.com
1 api.rlcdn.com global.proper.io
1 id.sharedid.org global.proper.io
1 static.adsafeprotected.com crooksandliars.com
1 assets.newsmaxwidget.com static.newsmaxfeednetwork.com
1 secure.quantserve.com global.proper.io
1 tag.bounceexchange.com crooksandliars.com
1 c.statcounter.com statcounter.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 statcounter.com crooksandliars.com
1 d3lcz8vpax4lo2.cloudfront.net crooksandliars.com
1 static.newsmaxfeednetwork.com crooksandliars.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
982 278
Subject Issuer Validity Valid
*.crooksandliars.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-19 -
2023-01-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.soapps.net
Sectigo RSA Organization Validation Secure Server CA		 2020-01-21 -
2022-01-20		 2 years crt.sh
newsmaxfeednetwork.com
Amazon		 2021-08-25 -
2022-09-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-01-17		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
glisteningguide.com
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.connatix.com
Amazon		 2022-01-04 -
2023-02-02		 a year crt.sh
*.yappaapp.com
Amazon		 2021-10-02 -
2022-10-31		 a year crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-06 -
2022-12-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tag.bounceexchange.com
R3		 2021-11-23 -
2022-02-21		 3 months crt.sh
yappaapp.com
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
assets.newsmaxwidget.com
R3		 2021-11-22 -
2022-02-20		 3 months crt.sh
newsmaxwidget.com
Amazon		 2021-09-07 -
2022-10-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2021-05-28 -
2022-05-28		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
id.sharedid.org
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2020-12-20 -
2022-01-20		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.undertone.com
Amazon		 2021-10-04 -
2022-11-01		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2021-07-15 -
2022-07-18		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.a-mo.net
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-06 -
2023-01-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2021-03-11 -
2022-03-15		 a year crt.sh
cdn.id5-sync.com
R3		 2021-11-24 -
2022-02-22		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.wunderkind.co
R3		 2021-12-16 -
2022-03-16		 3 months crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
assets.revcontent.com
R3		 2021-11-10 -
2022-02-08		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2021-01-13 -
2022-02-14		 a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2020-04-03 -
2022-04-26		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.knorex.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
images.crserving.com
R3		 2021-11-13 -
2022-02-11		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.iprom.net
R3		 2021-12-29 -
2022-03-29		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
node221.impressionssl.adshop.infolinks.com
R3		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-12-06 -
2022-06-06		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
js.cookieless-data.com
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
ssp.behave.com
Sectigo RSA Domain Validation Secure Server CA		 2021-01-27 -
2022-02-22		 a year crt.sh
getadmiral.com
Cloudflare Inc ECC CA-3		 2021-05-13 -
2022-05-12		 a year crt.sh
*.eyeota.net
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 135 frames:

Primary Page: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Frame ID: 1DF46C297F6C10E398241BA2BE37450E
Requests: 347 HTTP requests in this frame

Frame: https://cds.connatix.com/p/144775/connatix.player.dc.js
Frame ID: 3C9BF825C7085CDAE36F981EFBEAD87E
Requests: 27 HTTP requests in this frame

Frame: https://embed.crooksandliars.com/embed/dZAeyHMz
Frame ID: 49FBB41B6E3FB8A3ED37B108503DCE03
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Frame ID: BDAD5CD2B1AD48ED999D4E5E56B04A48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5155643920455169&output=html&adk=1812271804&adf=3025194257&lmt=1641828954&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641828954868&bpp=3&bdt=300&idt=129&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=835347225140&frm=20&pv=2&ga_vid=228879631.1641828955&ga_sid=1641828955&ga_hid=671282525&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2410621596312829&pem=731&tmod=299&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=149
Frame ID: F53ACA32DD988560658BE310E4E960ED
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fcrooksandliars.com
Frame ID: 425E9F658902E2174863C435B394A726
Requests: 2 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 664963996F26883E050431256CC433BA
Requests: 1 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 0257F212EE2F399CB5E05774AA1F2214
Requests: 3 HTTP requests in this frame

Frame: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Frame ID: 0CA79AE58F95844FAE4DFF82CC137116
Requests: 25 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 6A5AF49AA95CEB31F1426DB669BA201E
Requests: 10 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 8F9E9E7679FC0038CBCB9F5F6F9E7A17
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Frame ID: D7C89A088E06FF5750F7DBD76F28C468
Requests: 18 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 818E07FD27CA5F5A52A3828C76AF054E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: A65752FDDE3E54746B5EF5D75903B53C
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: 9C9BCE0E8F8EDD3662099F8B3664CDB9
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: 89895DB655FF13F9BDB667FC0ADB1BB6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3F4D1CF0C4F823C9189BDB37930F8C8E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E14ED8485E5A21BCEA98C8008DE4A2E4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3FD79771B443A32A88EAAC66CA987130
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: 5F3BBFC524E04C4EBD1B84E0DE63DD74
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: B0DE45E73EC28C10F7BF5A1B9DE6ACE6
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Frame ID: EC1E454840F6944423DA95CCA020C11A
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: A4B5248EF575890FCB77C9788EA1358E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 6062220BFF421DE0CF0E0B9732CAF659
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 27895635A4F7C6DBD1741F49B5F0EAF9
Requests: 1 HTTP requests in this frame

Frame: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F204DFC89AE3BE7B5D944A50961421B1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 55E1B30D2661E1E5D26B91DB7803B1AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B0E93B75CA3F8ACF5DB44BDDB91E5664
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: ADF4D3451B6BF7DDEA537152D8C1BC38
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUMWFFn3CeuUY7HL-Kf7EshQUGnBMPJpXKf4Bob94EEFg2WTknW8C3lwdukz7TwHJwnP6bT605Uyc5rV5NTiPX2SX9UJsP-KE0Xwb69E9CDV1lNOiJLoKIMmDxubOHwk-9CXxQqslJW9fgYKF8VAoFb4G3xFLHeS1Zz96b6oigUcP4VR6c6-A4yviiV41y5KPBJtsZPwvkPpAWt7bxefZt74-aMzKq11H9xev8t8RWbtWrMEQxqcqjz_p3uv7lX4qTFCqKNuPzwCzd8w_TXeOr6nBw8WKqFiYKkCHnxGNA-e_cmHBjFj7NuAan_aXt0RLLeFGcio5_Dk1ls40ZHhac8g&sig=Cg0ArKJSzIb95FnCL06VEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BF178381B11780F91A98FC110A3711FD
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Frame ID: F7FCD250204B65E4B09EA0C82F6E2454
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2EE30D2B2AF5BA3C3BCBD4A4D3DCC29F
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXH4aoLLRe7HW_M2w73V7aUWCGxcnB-PoeDr4_Pd9F7EYl6gmVVA5EBnjlrxzSBDMECPVmO8avOqbB0yvfPdmDeCBSQo9_FzX50GOVVHgRlFxgquktKzcR4G23nQG_Vx3QdaC8dAOkQYHDZPW8cJL4uPbCGbpCRnBTgfgBgCUe0taeEkuKQi6x2Uijc15YZA_23WryROqTn7Z9WoJCqtP3kxnaWk6xsCYWPp_HofWRxOmO9_m97Q9Hqcjrgjl1NIPl4KdGebWZqik0-FKS8WuBwkB77iq3uuDYPDfWnF4XH7ks-msvUq3GV3jAuxqdj1vAPcBq6E__rucqMjB2FQ8SW_QTOSQ&sig=Cg0ArKJSzLh-G_A8sKzGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 67767CC3C77ACD57700A6BA6437E67D7
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Frame ID: D222388ED1533FB12C7465E89BE6482A
Requests: 33 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Frame ID: AFD7D7CCB05C3D41569D2375824B5D44
Requests: 14 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Frame ID: A41EF8D659901B019F6C26A4B2DA9152
Requests: 31 HTTP requests in this frame

Frame: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F209CC289302BF628D7B406213357388
Requests: 17 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: 57C093C1D9ED3CD68152535AF43957D8
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBGjbIIJOsrhg8sR0CY4z0pnk5cMrSVjTRyqIAK3OK9ZVRKcWiexLZKPM1B2nB2_f0qOhSgTYqRtMksTl0ujciLhTfR4DZi1cZplG6QjYEgNFO3NgKOyYObEkrmobCH8zLOj1lvgWA4Ljdlw4mYHrFQMCJLjedThqqCUl383kvxr-hvAfO0gAfazcGQWYBFDeHjqUIoBqLDVWbvHRL_QGvoenlQ4Ue4mvGoMlTo4iSqD7y4p8VeH2NaB18wpvyyqrqsJRNE9GvJCc1nGLqsqqXDAa6tw1jniJbv7BOKSzVNS-vtygoWt8-yYMsSC5SarRMYxe5JgY60g&sig=Cg0ArKJSzBsCwfPe07VcEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C076291D93DA20B7221765950CB59FA3
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: AA621F6F0717EEBAA856F6D79D851077
Requests: 12 HTTP requests in this frame

Frame: https://product.instiengage.com/ceu-code/d47cea7d-c40d-45b2-a173-70bcd6633df5.js
Frame ID: D788D302498B4F889BE4FC2DC9A75927
Requests: 18 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
Frame ID: 01D2446CFF160D71A49E752A103E8F18
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4697919638350014267
Frame ID: 2127F1AAC0E40F25BDA193BC82C17A11
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4CDAA9DC2D684406F9CF1BC7ADE57F8F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051601680259414171
Frame ID: A359DDBD023962C167609F2DEA059CD3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdxSXgAElBbmSAAm&gdpr=0&gdpr_consent=&_test=YdxSXgAElBbmSAAm
Frame ID: 4978E9FE0B30A11821847670D1D38297
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3fMiE1AvSWZy7lUS9PyGn8EbDis
Frame ID: 694DF043EEDAEA9DE0C247ECFF6EAB3A
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAF_dE7DuKUAAEFooMAXfw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 84F0FBFF9CCB97F7482E52A116483541
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 8C45971AD302E74429629B6AEF130D50
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mtoD5EyevcP1gN00aHF9YISn
Frame ID: E0CF56F3669F931184D321D727F93B44
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: F289B6D4FB4D7E64EFAE1B7E5F5C22FB
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d597ba91-ae8e-4b9c-8974-0a6aae682d94-tuct8d5d7de&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: C525223933CC390D5FB3ED940CAC116C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: DD16DD4E076ACF28AAFF7E9376F63D7D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
Frame ID: DAA40DE2BA85BD3739D8FB68BC673FD5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: EB87B267666AD0E056B357691559507D
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: FC752687822E0D421A09577D0CF8AE02
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0655B849AE072A308DBF8BB18CB70102
Requests: 7 HTTP requests in this frame

Frame: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Frame ID: 97A0F4B60648E04642FC58ADF4C8463F
Requests: 45 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 565A0ED268C9E2F3ADD84A8D0E632827
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Frame ID: A4321CAC2AA02A486A03E98E3C36B132
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406715
Frame ID: 51E054C3E47875295CAF0DD164286C09
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Frame ID: B216097022A694B00AB6D7EE772BBDA9
Requests: 1 HTTP requests in this frame

Frame: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Frame ID: 956D0F0267B5457BDB988E4F16B20F2B
Requests: 13 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 35F6B3D48AFD1AA1E5DF5293205EAAA6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1641828956308
Frame ID: 1A161ABD1F92360B696624F18DC6EFDA
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 305900B982560999CBD4C1739DACEDB9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7C0cf87ec8-f669-4bc0-9e9d-61689914b320&gdpr=0
Frame ID: 274AE05CD7E31FBD623678F7528A61E7
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Frame ID: 46F23475B5221C30DD426DADD3984B2E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A7984A7033776E19D1488105B12BD5F9
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=baGR9kdWur64rQaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: DF1952A3F566894AE2CAA0082491F174
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 119ED2C0D7588E637D81570E2A98B45A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 9F47B0A32B7C83CED02E09B5D9DA772F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a7MD9EdWur64rQaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 98F70A88553D05C3CE0AFAFE0F412391
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Frame ID: EBD8638CA390BAD37894FA3902695748
Requests: 9 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: E90F464264CDA8E89DAC6A98E2F058B5
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Frame ID: D667174219C624D9E3CD997CC63761BC
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Frame ID: 59C019EAF04471556CEE7A108A4CBB6F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Frame ID: EEDC0EFDFBAB54771D0CF891D31BEB8E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 8B50F4360AA0E25D4208FDEE993CCE42
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bi21t-dWur64rQaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 9C97C3591D8B53CCB07AB7E752DD7F02
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Frame ID: 7FA33DE8D16A9039A0DCAA317DE41663
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Frame ID: 8F8C3ACFEE936A367D57F16E64C3D693
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Frame ID: 2DABE5E0232E0663BD4B7B1545028C6F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Frame ID: FA241CA8FD5C5F38B3FDAE1550F74760
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 95B2C22275CBE62C81168323F6688084
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E5FC47437F6B019E87E35B2089DF90CD
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Frame ID: 208405E86DB21785299BFBD52DDBA3CE
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bfg5H-dWur64rQaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 47C4FFC89ED94F8E8F15861292DD4CAC
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Frame ID: AE7777FB6E5E4993DFCA2038A107C4E2
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Frame ID: BF8E0C7C0ABA499E5052C3452CA76370
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Frame ID: D71A0C421D3E5D489C466C29B8009392
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: BA954348B612F5887EA5454143CB8961
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: D9B38E5E5143ACD8D2596A541D7CEAC1
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: D564ABFBD833D39ED053F58EC2F2D4C1
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Frame ID: B05AC31E41446166DB8A35749DF05EE6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: FE734625F9B99856AD6DA64B1ED527D5
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D33XUSERID33X
Frame ID: 34B0F3A59310E70B764BEA134EC8AD17
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 7E9513F45ED0777C770D5DBC610C8F23
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 23868945D41C4FDF52F1C237ED80B909
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js
Frame ID: 67F1D41C2FD46C6072973B2345D30BCA
Requests: 1 HTTP requests in this frame

Frame: https://b2c.instiengage.com/v3/pages/usertracking
Frame ID: 92429F786A7810CF287AF46372F7BE6C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187482&us_privacy=&gdpr_consent=&gdpr=1
Frame ID: ABEDEAF328A6FE51E42808EECDC5F546
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9419FE630798049DF33794A9B1EBAB0D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js
Frame ID: 8A125535B4CFDCA85E7B3F5EB9FB9258
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: AC6509F2E4F68C3CC54713FAF5A04EF7
Requests: 2 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1641828955263&secure=true&version=9&mobile=false&title=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Frame ID: 6BB4843CABF9A62323C5BB3F370E7681
Requests: 6 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 605EC8F1807496A5DC21525AAE6698E2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3B2670117D9E9ECC9A34B22F1D554089
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C3FA3407175794791888AF9B228E448C
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 4ADF959DF8A3F7A51B058D93231952DD
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 149283308CC4F9F616D5A5A0864003CF
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dd952d2dc72c9603b%26uid%3D
Frame ID: 020F300BD52188BB15ABBD45C1DD8B18
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6F77F3DE7CDAEDC374BC2F96D0501D07
Requests: 10 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd952d2dc72c9603b%26uid%3D
Frame ID: 89B69F1A16563EA6CDD9B31FDA759387
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/a54faea9d0608df9/navegg_2022_01.html
Frame ID: 7F0E96679768AF0D2E8DF4E9AE616CB0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 0A02A16F62FED6D8A485391D7D91BC55
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361&cmp=0
Frame ID: 24DC7398E47FEC1A51885F01DCCDC56A
Requests: 30 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 7C3819CBC24E1103EC96C8F95FCCD2F3
Requests: 11 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: BD2EE97A311E7FB14F6935EAF13346C5
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 746A2B93975BF3EE414E053EC80E1271
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cz9gnCic0r6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 93B41FA452362157F3523CC92FD2B958
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=ch-UKEic0r6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 9B36078EFAB1922D48A8616CE50E8AA6
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 0BF6CDEEC298B7280F4325B79785D17D
Requests: 2 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/eplanning/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=ACzM3Tf-N0gXLkvK
Frame ID: 7DCEFB6F0DCA1A725D692BDE8388A623
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: F77968CEAAEC9C37F5A80A926EE00BB8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HDIcC3QZ1N6WIi5&gdpr=0&gdpr_consent=
Frame ID: 6D1853E7A2DD9319E1091DF3638A1175
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 9B89A4AB26223BB556A40CD3CE5CA3F6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:28A9F7F7046F40DD8AD113074412F1AD
Frame ID: 5655DB9DC9561CEC6FF2EEAADB2EEE0A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 4CC75D7206F10401B4BC89CC402BBCD8
Requests: 3 HTTP requests in this frame

Frame: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Frame ID: 133DDB13E2347BC8C6279D90FEF0FCBB
Requests: 23 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cDxT_cic0r6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: E15B7E74CFF31F7BCA64A9D0E6746F42
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cxk7hYic0r6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 8E179BDE804B6C2809B17F05C13B835D
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13412165
Frame ID: CFE86D04900F08C57ED63D7C100948E9
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1641828964475167048474
Frame ID: B0D96CFF79E228E4546CC29B223C888E
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=645709340/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20crooksandliars.com/rt=ifr
Frame ID: 3061862F15FE240FF23C8A2F81C4E8F6
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bannon’s AntiVax 'Correspondent' Blames COVID On Biden, BLM, Antifa | Crooks and Liars

Page URL History Show full URLs

  1. http://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his HTTP 301
    https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:link|style)[^>]+"/sites/(?:default|all)/(?:themes|modules)/
Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

982
Requests

88 %
HTTPS

24 %
IPv6

152
Domains

278
Subdomains

186
IPs

15
Countries

14725 kB
Transfer

40082 kB
Size

213
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his HTTP 301
    https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://comments.yappaapp.com/embed/yappa-comments.js HTTP 301
  • https://embed.yappaapp.com/yappa-comments.js
Request Chain 22
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/144775/connatix.playspace.dc.js
Request Chain 27
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/144775/connatix.player.dc.js
Request Chain 80
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_40a28e0d_3eb0ed54_1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_40a28e0d_3eb0ed54_1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54&uid=d0773446-703e-4748-9935-7778e55be987
Request Chain 81
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_39155b29_4b28ae57_2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_39155b29_4b28ae57_2&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-nIqaC_JE2uHOcqtTwZjkOJCzLXwPa0Ku~A
Request Chain 132
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcrooksandliars.com%2F&domain=crooksandliars.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=j-u_13xPdlJqTXI4YlR2YTRRL3VUUzZWVElZcElPR2ROMEozcVpVV0lrUjJyYmlYSjlMNmE4OEdUS0swMGRabGZCRHlHekl6RUh0NitlNE9XQ0dCeDlVblhDUm1sK1F0MGtxUDluNTVmZjhiVE5zMHpibTlGTDZLdmlaZXp4dEx3Mm5KbVk1RzY4ZDN5U1NWYlQ0VjBXVTF6R1QzcTROMzJ4UGxwS1dKMnVhRFZRKzF0ZGFlYy9jd1ppU3hlZlhDbFliNnBUcEZycHVscjIwckdsejhwUE1mSHE4ditCeW1RT3phK0FGVkM0N3pKcTdBPXw&cppv=2
Request Chain 237
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 239
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DE684F5E9-3B0B-4B8B-B14B-8556B772469D HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
Request Chain 240
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=1899464560870372694
Request Chain 242
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-XrJM4dFE2uHSnpP6VhPvkeyoc6u1ii50hlJFWjM-~A
Request Chain 243
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5008378458 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5008378458 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/200dd76c-6183-49d6-9fb9-08410ca8a1c3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
Request Chain 244
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 246
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fcrooksandliars.com%252F2022%252F01%252Fbannon-s-anti-vax-correspondent-blames-his&pid=12306&adnxs_uid=$UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pid=12306&adnxs_uid=1899464560870372694
Request Chain 248
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
  • https://router.infolinks.com/dyn/imd-usync?user_id=0b41250e-3f31-4fd1-926c-4fe9710ed238&partner_id=1531
Request Chain 249
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP00faf6d4-722b-11ec-b92b-022355a5a232 HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-HvlR7iBE2uHGN6hmPN2mZmQzm9eAPz9E~A~UP00faf6d4-722b-11ec-b92b-022355a5a232
Request Chain 251
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=30b961211246323ef130f0ec
Request Chain 252
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTY4NEY1RTktM0IwQi00QjhCLUIxNEItODU1NkI3NzI0NjlE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DE684F5E9-3B0B-4B8B-B14B-8556B772469D HTTP 302
  • https://router.infolinks.com/dyn/usersync?pmuservalue=E684F5E9-3B0B-4B8B-B14B-8556B772469D
Request Chain 253
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=2019934808504257040
Request Chain 316
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=d0773446-703e-4748-9935-7778e55be987&bidswitch_ssp_id=bouncex HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=&expires=30&user_group=1&ssp=bouncex HTTP 302
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=d0773446-703e-4748-9935-7778e55be987
Request Chain 318
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&dcc=t
Request Chain 321
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdxSXBt8uWyTtIAi9xXNZAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECRnvGpQ31a66EFFmekFnmA&google_cver=1&gdpr=1
Request Chain 416
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 440
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4697919638350014267
Request Chain 442
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051601680259414171
Request Chain 443
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YdxSXgAElBbmSAAm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdxSXgAElBbmSAAm&gdpr=0&gdpr_consent=&_test=YdxSXgAElBbmSAAm
Request Chain 444
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3fMiE1AvSWZy7lUS9PyGn8EbDis
Request Chain 445
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGX2RFN0R1S1VBQUVGb29NQVhmdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAF_dE7DuKUAAEFooMAXfw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Request Chain 446
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 447
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mtoD5EyevcP1gN00aHF9YISn
Request Chain 448
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 449
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d597ba91-ae8e-4b9c-8974-0a6aae682d94-tuct8d5d7de&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 451
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003&rndcb=5886358246 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=d0773446-703e-4748-9935-7778e55be987&google_hm=ZDA3NzM0NDYtNzAzZS00NzQ4LTk5MzUtNzc3OGU1NWJlOTg3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHY7xeQo2grf8xVJVFU8DUI&google_cver=1&ssp=adconductor&bsw_param=d0773446-703e-4748-9935-7778e55be987 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/d0773446-703e-4748-9935-7778e55be987?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5oT16TsLS4uxS4VWt3JGnQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 455
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ca1a61dc-525e-4800-b5d3-f47e5f72a1a6
Request Chain 456
  • https://pixel.onaudience.com/?partner=214&mapped=E684F5E9-3B0B-4B8B-B14B-8556B772469D HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=13e38d5abdd85fcc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=c6c32a08-0416-4e63-7293-4d103ae50c25&zcluid=13e38d5abdd85fcc&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEFLtHxNUcocwx1gvXVwBns4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=c6c32a08-0416-4e63-7293-4d103ae50c25&zcluid=13e38d5abdd85fcc&zdid=1332
Request Chain 457
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKTT7TCCLRZc_eTUgY08CLI&google_cver=1
Request Chain 459
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ee3861dc-525e-4500-ba51-154383c5c538&gdpr=0&gdpr_consent=
Request Chain 460
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=563268403423191541
Request Chain 461
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=200dd76c-6183-49d6-9fb9-08410ca8a1c3
Request Chain 462
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1899464560870372694&gdpr=0&gdpr_consent=
Request Chain 463
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T5TC1X9E2uXBw5ilgMr6w0jh5F3j45c-~A&gdpr=0&gdpr_consent=
Request Chain 465
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XFztm19fvJpHDLvKCFWky1sLucBHX77BXlj5paDe
Request Chain 466
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=2019934808504257040&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0773446-703e-4748-9935-7778e55be987&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 467
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6947168936938911157&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 469
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 470
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3a94958b-0851-40c1-ac07-d6206c9c3ba5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 471
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1899464560870372694
Request Chain 515
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Request Chain 516
  • https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID HTTP 302
  • https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Request Chain 521
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Request Chain 530
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Request Chain 534
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Request Chain 536
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Request Chain 540
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Request Chain 543
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Request Chain 544
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Request Chain 549
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 553
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D HTTP 302
  • https://ex.ingage.tech/v1/sync/amx/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=ed09afd3-c9f1-4a43-8ab5-b0f0d8220ec9&gdpr=0
Request Chain 554
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=033b22e7-722b-11ec-9250-59e8f3a3eea6
Request Chain 555
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Request Chain 557
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=acC9uNGcyFYe&ev=1&pid=558355
Request Chain 558
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=0b41250e-3f31-4fd1-926c-4fe9710ed238
Request Chain 560
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=1899464560870372694
Request Chain 564
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID HTTP 307
  • https://ex.ingage.tech/v1/sync/sovrn/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=30b961211246323ef130f0ec
Request Chain 565
  • https://cs.admanmedia.com/sync/insticator_ssp?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%7B%24UID%7D HTTP 302
  • https://ex.ingage.tech/v1/sync/acuityads/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=18e646373b7f9f7e6fd2a32fa3ae10c0d31399c8
Request Chain 566
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=0cf87ec8-f669-4bc0-9e9d-61689914b320 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=insticator HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=insticator HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e3ddabf9-0695-4a08-8cde-44688370592d&ssp=insticator HTTP 302
  • https://ex.ingage.tech/v1/sync/bidswitch/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=d0773446-703e-4748-9935-7778e55be987&gdpr=&gdpr_consent=&us_privacy=
Request Chain 600
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAF_dE7DuKUAAEFooMAXfw&expiration=1643038561&gdpr=1
Request Chain 602
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6947168936938911157
Request Chain 603
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 607
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dd952d2dc72c9603b HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=d952d2dc72c9603b
Request Chain 612
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dd952d2dc72c9603b HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Request Chain 613
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dd952d2dc72c9603b%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d952d2dc72c9603b&uid=1899464560870372694
Request Chain 620
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Request Chain 621
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641915361&gdpr=1
Request Chain 622
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=VrfcelW0jXtN54orAr6VKlHgiCFNtI8gVLMdo9-_
Request Chain 623
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2019934808504257040
Request Chain 624
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 628
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 630
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 659
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=200dd76c-6183-49d6-9fb9-08410ca8a1c3
Request Chain 666
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VUtJMEYtUS1CR0pN
Request Chain 667
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPX8BZ7uhD5O-IzoSoJfdfI&google_cver=1
Request Chain 668
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY8UKI0F-Q-BGJM&sigv=1&esig=2~0c7f4f978cb9e112e2bdc495f08927e2ce07d84d
Request Chain 669
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ee3861dc-525e-4500-ba51-154383c5c538&expires=28
Request Chain 670
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/U_4dgcJEwdpjty5bYjigQg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4155275327102725949
Request Chain 671
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjgyZTc5OWNhNDkxYjgwYzhmNDVmODY3NmU5M2QwZjJjMDVkNWM0Yw
Request Chain 672
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdxSXgAElBbmSAAm
Request Chain 676
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEO3kx7bjhlqJ9VGNfeko6KU&google_cver=1&google_push=AYg5qPKbndW2Sd9HcnLreo9lkZZwMdG68QAnAUL21D0yuKCkdCnIUkPbL-ooyPS3ch8kE-ooKhPfI2EFh61QC87FrK6W7PYmfMgT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5oT16TsLS4uxS4VWt3JGnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKbndW2Sd9HcnLreo9lkZZwMdG68QAnAUL21D0yuKCkdCnIUkPbL-ooyPS3ch8kE-ooKhPfI2EFh61QC87FrK6W7PYmfMgT
Request Chain 677
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEpWsGQAWbkYY64liMMEfoM&google_cver=1&google_push=AYg5qPJIR62812JGrR5iH3J4c843amv1RQL3h-T8jOFU-l95bdq3OEH-tUvIAo1VuY8NakgawKH_yOl9eN7c4SzwGzxfOVksukn9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VUtJMEYtUS1CR0pN&google_push=AYg5qPJIR62812JGrR5iH3J4c843amv1RQL3h-T8jOFU-l95bdq3OEH-tUvIAo1VuY8NakgawKH_yOl9eN7c4SzwGzxfOVksukn9
Request Chain 679
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKxoWliVegjUP3JIDLmqSVQ&google_cver=1&google_push=AYg5qPIfG7LwdbTdfJ4NQAk3kLoSY24uN9u6USLjTmSt9btfcyrbMN3fDYuhJz_y7-DsUfk2U_Jc-cj4o-PjkO2Kpl5PZwFSCpeT HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIfG7LwdbTdfJ4NQAk3kLoSY24uN9u6USLjTmSt9btfcyrbMN3fDYuhJz_y7-DsUfk2U_Jc-cj4o-PjkO2Kpl5PZwFSCpeT&google_hm=30b961211246323ef130f0ec
Request Chain 691
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 714
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1644420962
Request Chain 716
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HDIcC3QZ1N6WIi5&gdpr=1
Request Chain 717
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 719
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-63fc2f0c-9e4d-481a-97d0-e04bf5c7691a
Request Chain 721
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2019934808504257040
Request Chain 748
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=5cee30e4-3772-42d2-a35e-93162edcdcbd&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Request Chain 750
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=200dd76c-6183-49d6-9fb9-08410ca8a1c3&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Request Chain 754
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=efb5d118-3534-4068-a39b-033391ab0e99&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 755
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=73768553528570853683098214790666120184&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Request Chain 757
  • https://bn01.er.bemail.it/zeotap.php?_bid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-94039-0.387167001641828969-b393d9d5bb4272524866e19748dc95e9&zdid=533&env=mWeb
Request Chain 758
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7051601680259414171&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Request Chain 760
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361&bounce=1&random=2174689436 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=pj/r6D6V1XtaskZFYezJhu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Request Chain 762
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=869932d30e106d0a3467deb1a3d587eb&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Request Chain 763
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-8sS84KBE2ooTE3my1ZTCrtwKjl_q0w_NAA--~A&zpartnerid=570&env=mWeb
Request Chain 764
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vmclNxe6OiZYMhNbGF%2BlPhYWghGFCZfN%2BS41iYitP1U%3D
Request Chain 768
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YdxSXgAElBbmSAAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Request Chain 769
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ee3861dc-525e-4500-ba51-154383c5c538&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Request Chain 770
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Request Chain 771
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361&dcc=t
Request Chain 772
  • https://tags.bluekai.com/site/87734?id=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 773
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Request Chain 778
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HDIcC3QZ1N6WIi5&gdpr=0&gdpr_consent=
Request Chain 780
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:28A9F7F7046F40DD8AD113074412F1AD
Request Chain 781
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E684F5E9-3B0B-4B8B-B14B-8556B772469D&addseg=19,36,42
Request Chain 782
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E684F5E9-3B0B-4B8B-B14B-8556B772469D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E684F5E9-3B0B-4B8B-B14B-8556B772469D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 784
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D HTTP 302
  • https://a.audrte.com/p
Request Chain 785
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=033b22e7-722b-11ec-9250-59e8f3a3eea6&gdpr=0&gdpr_consent=
Request Chain 794
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6951153631002470371&uid=Q6951153631002470371&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 796
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=4d82d812-27dc-4dae-bda6-170f06a7d781
Request Chain 797
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&dcc=t
Request Chain 798
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 802
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=BARgT424p&dongle=u6nf
Request Chain 804
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAwNTE2OTUxNzc3MDUxMzY5MQ%3D%3D
Request Chain 806
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2005169517770513691?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-XIXbRKpE2oRAFCFd8SACOTKvGNZD0zYsYJhXXQK7Vg--~A&dongle=0883
Request Chain 809
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2005169517770513691 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2005169517770513691&dcc=t
Request Chain 810
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 813
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 815
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1899464560870372694
Request Chain 817
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP00faf6d4-722b-11ec-b92b-022355a5a232 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-lPe8AVhE2uFAusja4PgQzuCO8HNWDQb4~A~UP00faf6d4-722b-11ec-b92b-022355a5a232
Request Chain 818
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=200dd76c-6183-49d6-9fb9-08410ca8a1c3&ttl=1644420963
Request Chain 820
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=18e646373b7f9f7e6fd2a32fa3ae10c0d31399c8
Request Chain 821
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DE684F5E9-3B0B-4B8B-B14B-8556B772469D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
Request Chain 822
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/no-consent
Request Chain 823
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=$y-XrJM4dFE2uHSnpP6VhPvkeyoc6u1ii50hlJFWjM-~A
Request Chain 939
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=563268403423191541 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESENkKth2Bg3txDY3SCerEN3A&google_cver=1 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=cf9M5H9UE4XSQSWg5jWxc27Ig&gdpr=0&gdpr_consent=
Request Chain 940
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cf9M5H9UE4XSQSWg5jWxc27Ig&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cf9M5H9UE4XSQSWg5jWxc27Ig&gdpr=0&gdpr_consent=&google_gid=CAESENkKth2Bg3txDY3SCerEN3A&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 964
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=869932d30e106d0a3467deb1a3d587eb&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5cee30e4-3772-42d2-a35e-93162edcdcbd
Request Chain 966
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YdxSXgAElBbmSAAm

982 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bannon-s-anti-vax-correspondent-blames-his
crooksandliars.com/2022/01/
Redirect Chain
  • http://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
  • https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
68 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
0c1b12828169e3a9277dd6ed4f807e8dd4db342cbce696b2093170dbe9af7a1a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:35:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Accept-Encoding Cookie
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
access-control-allow-headers
token, Content-Type
x-drupal-cache
MISS
x-ua-compatible
IE=edge
x-xss-protection
0
access-control-allow-origin
*
etag
W/"1641828954-0"
cache-control
public, max-age=0
last-modified
Mon, 10 Jan 2022 15:35:54 +0000
expires
Sun, 11 Mar 1984 12:00:00 GMT
service-worker-allowed
/
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 10 Jan 2022 15:35:53 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
fixes.css
crooksandliars.com/sites/all/themes/cl_theme21/public/ 		0
192 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/fixes.css?o
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Tue, 09 Nov 2021 02:27:37 GMT
server
nginx
etag
"6189dc99-0"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
0
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
fixes.css
crooksandliars.com/sites/all/themes/cl_theme21/ 		159 B
348 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/fixes.css
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
6e403e2d554aa481361609012af929dcbc5b8f4a531561905a743b548735ff1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 00:16:48 GMT
server
nginx
etag
W/"61959b70-9f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
theme21.css
crooksandliars.com/sites/all/themes/cl_theme21/public/resources/ 		106 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.css?v=d89e696ee944254344d8
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
f85352e80d1f49f87680fdbe10256f58f6113e8cebf724653878e3168812c844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 18:35:39 GMT
server
nginx
etag
W/"61afa97b-1a7c3"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2640119-1
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
846cfb597e4a8cd07d60d48198b5d71b608575add0702073e61452d5d05464b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36249
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jan 2022 15:35:54 GMT
dd_theme.red.css
crooksandliars.com/sites/all/modules/custom/donation_drives/css/ 		315 B
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/modules/custom/donation_drives/css/dd_theme.red.css
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
77a2a2da3462a92e5d25f6d22a4b8a5abd9ecdb57f1769a644a2788f861d254f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 18:35:39 GMT
server
nginx
etag
W/"61afa97b-13b"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
845
etag
W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6cb6fa57cc1183b4-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 13 Jan 2022 15:35:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0b8992bcfb8da2a9e51764ee7c7d4705fa88a1df4f5d46f10cb3713dae0065a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51874
x-xss-protection
0
server
cafe
etag
4291387441768356347
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 15:35:54 GMT
logo_sm.png
crooksandliars.com/sites/all/themes/cl_theme21/public/static/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/static/logo_sm.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
a89adf784f7d54cd1d3f7e34a7b3d200eaf57abcb3cd8f0e418a0462c7ecf19a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Tue, 09 Nov 2021 02:27:37 GMT
server
nginx
etag
"6189dc99-acb"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2763
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_full.png
crooksandliars.com/sites/all/themes/cl_theme21/public/static/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/static/logo_full.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
e3bf4936fbf82a51c0dbd4b478287e19915d0c3dd2ef15d32042b360bd7365f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Tue, 09 Nov 2021 02:27:37 GMT
server
nginx
etag
"6189dc99-131c"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4892
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
49289.jpg
crooksandliars.com/files/imagecache/box_150/mediaposters/2022/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/box_150/mediaposters/2022/01/49289.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
7e323abec7f395e7328c60a9e34e43ccdb4940262362d7cd0999f65a7f8daf16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Mon, 10 Jan 2022 15:18:45 GMT
server
nginx
etag
"61dc4e55-ea7"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3751
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
covid19-1600x900.jpg
crooksandliars.com/files/imagecache/box_150/primary_image/22/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/box_150/primary_image/22/01/covid19-1600x900.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
18cf4dfa4207df3b4a427036d0fcd3f428d9ef02d578d695871fc55f1d31b68b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Mon, 10 Jan 2022 14:05:23 GMT
server
nginx
etag
"61dc3d23-ea6"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3750
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
fauci.png
crooksandliars.com/files/imagecache/box_150/primary_image/22/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/box_150/primary_image/22/01/fauci.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
e7fd91bdcbf604d107007b4a7cf73579068b35b701def3721908e285d73c2c36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Mon, 10 Jan 2022 13:26:38 GMT
server
nginx
etag
"61dc340e-3459"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
13401
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
new1.crooksandliars.com.1105644.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/new1.crooksandliars.com.1105644.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3b402482a4e5307d324fd07d7b20e07cd893913ef816adbe9213079b617fc4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
br
cf-cache-status
HIT
age
811
last-modified
Thu, 16 Dec 2021 13:40:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
QFJTEK02H80Z36N4
x-amz-id-2
iVREzl8M/kT6hn51oEfBgz8WFm/kXyyjs21bq/HLWlxXVECScVFGhX1FimSV2Ud9ZE+0/lUqDnU=
cf-bgj
minify
server
cloudflare
etag
W/"d9db3ba34479a214cd36795436e79944"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6cb6fa57bd3639f9-CDG
expires
Mon, 10 Jan 2022 18:35:54 GMT
yappa-comments.js
embed.yappaapp.com/
Redirect Chain
  • https://comments.yappaapp.com/embed/yappa-comments.js
  • https://embed.yappaapp.com/yappa-comments.js
17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.yappaapp.com/yappa-comments.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5b09d87bacd6639d48f38a2a374d8931143247796ff22a98305f51768e137c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 12:02:53 GMT
server
cloudflare
age
11392
etag
W/"61b887ed-4391"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQkEAK7FQcQnyFT6n8BEo2YRqXIcitJDpM03GA7R6RF1llPDInyHche%2F%2B%2BWV8NFAsm0IvPSD1cxdVpmQMUwvDcyuuT%2BjA5Tt8KNhIz0MEfabp01p0NtPNSbRZOuncdT%2BqmOw%2BHcGh6E%2BfE6zhFmuo4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6fa57da292199-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 10 Jan 2022 15:35:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R984GkJywsNjZnO7b2MktUJ1E2NaPi61M60F1tPkwfbx4G2xZfTDshr1MslVNG9om6ltKpsPJlOAsltjI2TnNAAW%2FuBbm%2Bt3GciQu%2B%2BRlKPRUsO3k9MVsEj%2BNsu5zotDkR1r0q5inuIETO4dbhne5E7aueA%3D"}],"group":"cf-nel","max_age":604800}
location
https://embed.yappaapp.com/yappa-comments.js
cache-control
max-age=3600
cf-ray
6cb6fa5749462199-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 10 Jan 2022 16:35:54 GMT
bundle.js
soapps.net/live/loader/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/bundle.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
017100a1d28f9dd94f54e7d812803134c0a36f6b05c8ff71e02cfd2d1ce1d5a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 17 Nov 2021 08:30:52 GMT
Server
nginx/1.17.10
ETag
W/"6194bdbc-445b"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
bootloader.js
static.newsmaxfeednetwork.com/web-clients/bootloaders/TdUGmQOcTfm6Or8W2H9nVT/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.newsmaxfeednetwork.com/web-clients/bootloaders/TdUGmQOcTfm6Or8W2H9nVT/bootloader.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.99.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-99-233.compute-1.amazonaws.com
Software
/ Express
Resource Hash
2e2f8485434c1dc7ba8426b78bcdcce5d13462028693bc1b749957ef88909763

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
cache-control
public, max-age=300
x-powered-by
Express
etag
W/"58e-rpAHw0NpBBZ2yx67ykqppRQRbos"
content-length
1422
content-type
text/javascript; charset=utf-8
print.css
crooksandliars.com/sites/all/themes/cl_theme21/public/ 		0
192 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/print.css?o
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Tue, 09 Nov 2021 02:27:37 GMT
server
nginx
etag
"6189dc99-0"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
0
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f52c267b1d211b721bac434b3922339d68451d4e48f0085a4cdda3d415066123
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
yXZIueUcehlWAQVXEzZccA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
BOXqAkwwscV8DllrDZAO+ew0tFe73Cshh+/O6gnE2LgOQPGmxVn7ZcM5z+sOzIznnmD5kOoRH7N9VkkDUE/4Fw==
x-fb-trip-id
686109401
x-fb-content-md5
a004fc73ee722ae2505cff91430b1d4e
x-frame-options
DENY
date
Mon, 10 Jan 2022 15:35:54 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3b720cd1ffd30e689a73f43f94756229"
timing-allow-origin
*
expires
Mon, 10 Jan 2022 15:47:18 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CDF) /
Resource Hash
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1079
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
29126
x-tw-cdn
VZ
Last-Modified
Thu, 02 Dec 2021 21:35:27 GMT
Server
ECS (mil/6CDF)
Etag
"50ec7e701ed018305368886c39cac301+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
counter.js
soapps.net/live/loader/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/counter.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
f8931fb54a893eb8399cb625262171e4dee6a7c74f8fb7e7db94fffb015872e7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 17 Nov 2021 08:30:52 GMT
Server
nginx/1.17.10
ETag
W/"6194bdbc-667b"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
theme21.js
crooksandliars.com/sites/all/themes/cl_theme21/public/resources/ 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.js?v=d89e696ee944254344d8
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
7e19eba3c8b38c55a49607c4e99341b0f5941dbdd03f702f927c73387aa92ed1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 18:21:38 GMT
server
nginx
etag
W/"618abc32-6baa"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
crooksandliars.min.js
global.proper.io/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/crooksandliars.min.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa79b84bd70e1ff4b0960cf83dc05b1b58e48c3671150186ad73c82b5df31dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Jul 2021 18:08:10 GMT
server
cloudflare
age
13519278
etag
W/"60e73f0a-4f22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6cb6fa57eb5d0221-ZRH
expires
Mon, 10 Jan 2022 15:40:54 GMT
connatix.playspace.dc.js
cds.connatix.com/p/144775/
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/144775/connatix.playspace.dc.js
1 MB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/144775/connatix.playspace.dc.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7289709ae46707bed0ee806280f219e63afaa5602ca8f1d5dd88a5b22b9c9010

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
br
last-modified
Mon, 10 Jan 2022 10:54:35 GMT
age
16747
etag
"65b40917a9105557c00c3b02f0539e01"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
250323

Redirect headers

location
https://cds.connatix.com/p/144775/connatix.playspace.dc.js
date
Mon, 10 Jan 2022 15:35:54 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
server
Kestrel
accept-ranges
bytes
content-length
0
v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
glisteningguide.com/ 		89 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
09557c464b55544459b20653f1e31abd29c693c4e6da393745567a599cf16158
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"b864d4b7f1597bc52e41d3d1ba5fa1f75f05c6663bc1637b06f2a41ab1923938"
vary
Accept-Encoding, Accept-Language
x-hostname
26187baf
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Mon, 10 Jan 2022 15:35:55 GMT
timing-allow-origin
*
gtm.js
www.googletagmanager.com/ 		112 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-QXNM
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c99284f4e6560be7065537fdc7215fd0bc4bcb1c2b5eb16feeaf40fa7913ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42058
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jan 2022 15:35:54 GMT
bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		175 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5912bf0e78a35dc4840b4ce5e5c739ff7f62c216ac6564f17969921e9edb0ebb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
A8OC.4_EQpRcP0B4mALIY4prlvLOAQJs
content-encoding
gzip
last-modified
Mon, 10 Jan 2022 08:56:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"1ec308e704254a29df643204ab348eba"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Mon, 10 Jan 2022 15:35:56 GMT
x-amz-cf-id
XQzwDJJYJVPPWTkyNKQIpCHxjypNDKDbkyfF2V93rPv-BUo2COYgsQ==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
GtvO7FM0B49rGlTnJLdsc5+J7CUo7GH+79agdq5mJwK2Mg0gbeJqCfvQd1g235EttsfQDuAGrdbhRxDfAttcFg==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Mon, 10 Jan 2022 15:35:54 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
connatix.player.dc.js
cds.connatix.com/p/144775/ Frame 3C9B
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/144775/connatix.player.dc.js
1 MB
236 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/144775/connatix.player.dc.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
116e644aa3c0cf28db9a7e287acbe60a7b1e42532aa4433fd99e0593537f8e5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
br
last-modified
Mon, 10 Jan 2022 10:54:35 GMT
age
16748
etag
"2ab540102700f25f853e0e6bc49130ed"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
241053

Redirect headers

location
https://cds.connatix.com/p/144775/connatix.player.dc.js
date
Mon, 10 Jan 2022 15:35:54 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
server
Kestrel
accept-ranges
bytes
content-length
0
dZAeyHMz
embed.crooksandliars.com/embed/ Frame 49FB 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://embed.crooksandliars.com/embed/dZAeyHMz
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.238.37.138 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
dean.crooksandliars.com
Software
nginx / Express
Resource Hash
6edae227c579f6d6138d0d46cb5c00646985582aa9d34d59b5e0ff75a836d505

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:35:55 GMT
content-type
text/html; charset=utf-8
content-length
5954
x-powered-by
Express
access-control-allow-origin
*
cache-control
public, max-age=300
etag
W/"1742-l9q+KuDHW8RqpFPERzmlEoNghtU"
si
capi.connatix.com/tr/ 		0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=6e68be0f-666a-4f9f-a109-6bb52f458823
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
access-control-allow-credentials
true
server
Kestrel
Connection
keep-alive
Content-Length
0
content-type
application/json
69695b08656fbd9c4196.png
crooksandliars.com/sites/all/themes/cl_theme21/public/resources/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/69695b08656fbd9c4196.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.css?v=d89e696ee944254344d8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
1d5a54e77957198a8d13763c94597359487cecbac0ab2bed81bbe19a82c8cd22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.css?v=d89e696ee944254344d8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Mon, 08 Nov 2021 21:51:30 GMT
server
nginx
etag
"61899be2-175d"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5981
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
5ec52e12c7c6ec50eee8.png
crooksandliars.com/sites/all/themes/cl_theme21/public/resources/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/5ec52e12c7c6ec50eee8.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.css?v=d89e696ee944254344d8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
6b746405edc5c79f4b40f8392d475bf2cf4023e2c6ca60cee9324941bec30019

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.css?v=d89e696ee944254344d8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Mon, 08 Nov 2021 21:51:30 GMT
server
nginx
etag
"61899be2-a72"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2674
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
d1597aa7a12fec55735f.ttf
crooksandliars.com/sites/all/themes/cl_theme21/public/resources/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/d1597aa7a12fec55735f.ttf?mbpfd2
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.css?v=d89e696ee944254344d8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
1f66c0fbb5aeb0dd2d14a7f6e7d13873dcae81af3cd74beb437f604dad1245f6

Request headers

Referer
https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.css?v=d89e696ee944254344d8
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Mon, 08 Nov 2021 21:51:30 GMT
server
nginx
etag
"61899be2-f10"
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3856
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MBSB7S97P1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2640119-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc267b6ba6c4578259b191cf5f23abbba37c69721ebd60389bddd574bd0a2579
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62308
x-xss-protection
0
expires
Mon, 10 Jan 2022 15:35:54 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5155643920455169&plah=crooksandliars.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f90b1d6f886480f7a961aa071ac28fc98a8a7347812f0acd5b2d3c7a51215b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101734
x-xss-protection
0
server
cafe
etag
6338342865683808284
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 15:35:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/ Frame BDAD 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 09 Jan 2022 16:07:35 GMT
expires
Sun, 23 Jan 2022 16:07:35 GMT
content-type
text/html; charset=UTF-8
etag
2196020943555189384
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4873
x-xss-protection
0
age
84499
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
new1.crooksandliars.com.1105644.es6.js
jsc.mgid.com/n/e/ 		242 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/new1.crooksandliars.com.1105644.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/new1.crooksandliars.com.1105644.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa61101654955533172174acee2c1630beb0201da906f750740320d985039ab3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
br
cf-cache-status
HIT
age
919
last-modified
Thu, 16 Dec 2021 13:40:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
WYJW2KKV41PVXB0Z
x-amz-id-2
MroyhbuVgP9k4E8aqEvtSWUgDTAp9C9YxXI9U3mZI0MnxzsYEkwVY5VS/bZV7xKb1g8bkcZhlu8=
cf-bgj
minify
server
cloudflare
etag
W/"ee381799f77b8e6c4d2397a43a4e2fbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6cb6fa584d2f4abd-FRA
expires
Mon, 10 Jan 2022 18:35:54 GMT
domains.json
prod-static.yappaapp.com/configurations/ 		61 B
507 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-static.yappaapp.com/configurations/domains.json
Requested by
Host: comments.yappaapp.com
URL: https://comments.yappaapp.com/embed/yappa-comments.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:6801:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f06f508e5643d1fe08170ba3a541e92c6ded761d292df9b600109a163f51e49c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 12:10:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"b28b678a85f43ba1b447005f8930940a"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-max-age
0
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
61
x-amz-cf-id
SybBcw-vav6HsC4si5VRMy0OQZ3FJ7CbeX8_th0HASSGDu4eWCtNtw==
217549316377187
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/217549316377187?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb3c357495544d7c72902c3f08d90f086d358969fa2d8656eef048b325c619b6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
wt7BOC1hJO2rKThXHfpR6kUIkO4JxUqYdlIvUWooIICcRI6yBuh+quRk0C4AVkQAdx4qKU4xvEveGoyhMul4xw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 10 Jan 2022 15:35:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
770
etag
W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6cb6fa586f4701fc-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 13 Jan 2022 15:35:54 GMT
48740.jpg
crooksandliars.com/files/imagecache/featured_650/embeds/2022/01/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/featured_650/embeds/2022/01/48740.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
bde381fcf6a08739f9741449955410c48d311960224876fb309ff3a756b61493

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Mon, 10 Jan 2022 12:39:17 GMT
server
nginx
etag
"61dc28f5-e8a6"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
59558
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
finag2fxeaud4hp.jpg
crooksandliars.com/files/imagecache/featured_650/primary_image/22/01/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/featured_650/primary_image/22/01/finag2fxeaud4hp.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
fa1b996f995650f284fe656d02eed6c3c91fa5e63499b6fa1a0715f945e62d71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Mon, 10 Jan 2022 12:39:18 GMT
server
nginx
etag
"61dc28f6-a08e"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
41102
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
screen_shot_2022-01-09_at_6.00.16_pm.png
crooksandliars.com/files/imagecache/featured_650/primary_image/22/01/ 		208 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/featured_650/primary_image/22/01/screen_shot_2022-01-09_at_6.00.16_pm.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
05d37070f844b99cb56ee5da29859d89fde717ee632cb7aebd944726b009a2a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
last-modified
Mon, 10 Jan 2022 11:45:55 GMT
server
nginx
etag
"61dc1c73-33e3b"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
212539
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
counter.js
statcounter.com/counter/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statcounter.com/counter/counter.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c3204c16180551c6575195c88969110daa632706c71fbfa154e5c2024b7022

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jan 2022 12:24:07 GMT
server
cloudflare
age
11084
etag
W/"61d830e7-9d23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
6cb6fa58a80d4ee6-FRA
expires
Tue, 11 Jan 2022 00:31:10 GMT
collect
www.google-analytics.com/g/ 		0
173 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MBSB7S97P1&gtm=2oe150&_p=671282525&sr=1600x1200&ul=en-us&cid=228879631.1641828955&_s=1&dl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&dt=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&sid=1641828954&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MBSB7S97P1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2640119-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2088
date
Mon, 10 Jan 2022 15:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 10 Jan 2022 17:01:06 GMT
BLUE_AMERICA_ENDORSE_MATT_BROWN_Governor-150x150.jpg
blueamerica.crooksandliars.com/wp-content/uploads/2022/01/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blueamerica.crooksandliars.com/wp-content/uploads/2022/01/BLUE_AMERICA_ENDORSE_MATT_BROWN_Governor-150x150.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
c10980b914bf7d7f932f3c2b801203b7712b8aa4a7bfd161c77d58a13859c139

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
last-modified
Sun, 09 Jan 2022 02:46:07 GMT
server
nginx
etag
"5557-5d51d38d6b4a0"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21847
expires
Tue, 10 Jan 2023 15:35:55 GMT
MelanieDArrigo-for-NY03-150x150.jpeg
blueamerica.crooksandliars.com/wp-content/uploads/2021/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blueamerica.crooksandliars.com/wp-content/uploads/2021/12/MelanieDArrigo-for-NY03-150x150.jpeg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
9c43cba006e461f4da246854d7d069671a30eb6be16ae52b62dcb09df886a2cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
last-modified
Mon, 27 Dec 2021 02:57:08 GMT
server
nginx
etag
"1e52-5d417dc47b230"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7762
expires
Tue, 10 Jan 2023 15:35:55 GMT
Lourin-Hubbard-CA22-2022-150x150.jpg
blueamerica.crooksandliars.com/wp-content/uploads/2021/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blueamerica.crooksandliars.com/wp-content/uploads/2021/12/Lourin-Hubbard-CA22-2022-150x150.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
a21f6f5f7c47bf542d9f7b13bd15dfa0b4694d2db35c0eeb939935a3216c6fe7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
last-modified
Sun, 12 Dec 2021 02:58:55 GMT
server
nginx
etag
"1d9e-5d2ea230ecc14"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
7582
expires
Tue, 10 Jan 2023 15:35:55 GMT
cookie.js
partner.googleadservices.com/gampad/ 		222 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=crooksandliars.com&callback=_gfp_s_&client=ca-pub-5155643920455169
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5155643920455169&plah=crooksandliars.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
618442dd4bbea7d6a3dd92289773ab6b09f2fc42d3a740dcfe54ef3487bfd7ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5155643920455169&plah=crooksandliars.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5155643920455169&plah=crooksandliars.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F53A 		247 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5155643920455169&output=html&adk=1812271804&adf=3025194257&lmt=1641828954&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641828954868&bpp=3&bdt=300&idt=129&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=835347225140&frm=20&pv=2&ga_vid=228879631.1641828955&ga_sid=1641828955&ga_hid=671282525&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=2410621596312829&pem=731&tmod=299&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=149
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5155643920455169&plah=crooksandliars.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ab5e5775a3716a887510d73cd49eaf0e526494b4195c6dc4b6ecdedeb22de62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 10 Jan 2022 15:35:55 GMT
server
cafe
content-length
62370
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 10 Jan 2022 15:35:55 GMT
cache-control
private
web
onesignal.com/api/v1/sync/6e53e4f0-debb-4365-bdbe-2806cd20ee52/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/6e53e4f0-debb-4365-bdbe-2806cd20ee52/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa477d40d51f7c7e4c9c8c2b6ea56937d87cf16c3e3a9e7f58a8359d36f730c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2309
cf-polished
origSize=5522
status
200 OK
x-envoy-upstream-service-time
127
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5973d0bd-654d-441c-aa79-a8c3a25a0a9a
x-runtime
0.125716
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d319c11b07a48728e140a344a390f9f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6cb6fa5a1b0983b4-MXP
access-control-allow-headers
SDK-Version
expires
Mon, 10 Jan 2022 16:35:55 GMT
t.php
c.statcounter.com/ 		397 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=8624509&u1=51CEE18D82BF4F48624BFF276042743F&java=1&security=4af12c5c&sc_snum=1&sess=64aa6d&sc_rum_e_s=1569&sc_rum_e_e=1575&sc_rum_f_s=0&sc_rum_f_e=1548&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his&t=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&get_config=true
Requested by
Host: statcounter.com
URL: https://statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.229.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a059ea4926328e48d91cae16a2f7d34c3a8cd7248c4eaa44cb6f52ff00d1763

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6cb6fa5918cb4ee6-FRA
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61a75b3f52d74dbd7be2122848d0b7c97c8a26656ba24db2bb3d6fa88a8e7342

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6cb6fa5a6f8568fd-FRA
date
Mon, 10 Jan 2022 15:35:55 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 07 Jan 2022 06:50:38 GMT
server
cloudflare
age
2683
etag
W/"d36-5d4f867930f11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Mon, 10 Jan 2022 15:51:12 GMT
i.js
tag.bounceexchange.com/3601/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/3601/i.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
fa5d5795a68772af43db8edbe4a8bb19871ff4b0e5baa5dbfcf3300decbefb92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:29:38 GMT
content-encoding
gzip
server
fasthttp
age
377
etag
54d2ce109b2e5f
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
public,max-age=60
x-region
us-central1
timing-allow-origin
*
alt-svc
clear
content-length
1434
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
roboto.css
prod-static.yappaapp.com/assets/ 		116 B
483 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prod-static.yappaapp.com/assets/roboto.css
Requested by
Host: comments.yappaapp.com
URL: https://comments.yappaapp.com/embed/yappa-comments.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:6801:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04c399a7f971435e3304ba9e8bd774b599ad88158a4d07b1a1d75bac7c462d8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 00:02:29 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 12:10:17 GMT
server
AmazonS3
age
56035
etag
"7c06837e3ecf2fffb3d9cfa23d57f7af"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=259200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
116
x-amz-cf-id
psTj1_VM504rI0RgPuc8HDmp3yzam9Xikh6BvMV2xw26kREo_ZqiOA==
expires
Wed, 21 May 2025 00:00:00 GMT
yappa-comments.css
embed.yappaapp.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.yappaapp.com/yappa-comments.css
Requested by
Host: comments.yappaapp.com
URL: https://comments.yappaapp.com/embed/yappa-comments.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d6f2fc160a880bae98880a5534a797eca34e94a7af2d79229a3480be8cce870

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 12:02:53 GMT
server
cloudflare
age
11381
etag
W/"61b887ed-797"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYCWfnC9lFLcfK9rcmboykMTN6%2FdbZdMbzSsYgzKhSl0jJoQQmmw9l5xae2egT4k%2F9hsqgwHUpCnZBGYTpQcFSo5YscOZzvd4xKn2VD7rbCeKtWPaDT8EHEyeMc%2B1fXbbU27X3fBtpGAX%2FzBKDzuyTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6fa596a0c83b8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=671282525&t=pageview&_s=1&dl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ul=en-us&de=UTF-8&dt=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1333067591&gjid=1002588213&cid=228879631.1641828955&tid=UA-2640119-1&_gid=1682051791.1641828955&_r=1&gtm=2ou150&cd1=blog&cd2=NewsHound%20Ellen&cd4=173440&cd5=post&z=1009232190
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2d7fa00c3b92638c695974981ca25ad0
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
15517b02abee442cf6136797578aff166411f068fd866a37940d772e8d2db9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Uv2dT/FcfLwSdKw15FcIxg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83510
x-fb-rlafr
0
x-fb-debug
kbCZOPQoNga+LIyspfidS9lrXUXyvof8vOwTqX+MTMylgy4l/St4LmhhsMgD1PMwyBXHSml8RM8KXZGDf5lmMw==
x-fb-content-md5
2a89a0d6bbfb528241e17e515b0287a6
x-frame-options
DENY
date
Mon, 10 Jan 2022 15:35:55 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"2a9d9681a2a383962becde8530bf9702"
timing-allow-origin
*
priority
u=3,i
expires
Tue, 10 Jan 2023 15:08:11 GMT
1.73.0.js
global.proper.io/payloads/ 		401 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/1.73.0.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/crooksandliars.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd5c81ed2892e35e7b6f4fb3809e3539610c1a23c21d93cadaf9385492d8089

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 18:20:02 GMT
server
cloudflare
age
16663153
etag
W/"60de0752-645d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6cb6fa594d360221-ZRH
expires
Mon, 10 Jan 2022 15:40:55 GMT
connatix.playspace.css
cds.connatix.com/p/144775/ 		96 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/144775/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4788aa41e5c2baf4838e97c2be52a34ff91e535da3d352847ae0d3c1ec9cdcb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
br
last-modified
Mon, 10 Jan 2022 10:54:35 GMT
age
16747
etag
"9c60cef97473b19be4f331527d232d62"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13487
player.css
cds.connatix.com/p/144775/ 		54 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/144775/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ed6cc3e4d411248d84eed9acc1d13ad3fd98396734464cf07173588aeb9d02aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
br
last-modified
Mon, 10 Jan 2022 10:54:36 GMT
age
16747
etag
"2e0a3bf94576cf171c12f9ef0e6f5c54"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8439
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2640119-1&cid=228879631.1641828955&jid=1333067591&gjid=1002588213&_gid=1682051791.1641828955&_u=YADAAUAAAAAAAC~&z=1183347812
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 10 Jan 2022 15:35:55 GMT
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=217549316377187&ev=PageView&dl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&rl=&if=false&ts=1641828955231&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1641828955226.586649544&it=1641828954905&coo=false&rqm=GET
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 10 Jan 2022 15:35:55 GMT
truncated
/ 		203 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2f63edf41c2dd793b54f1a0c1c35bc5ea6da64b77c7fe9e322151489a5a7a98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 17 Jan 2022 15:35:55 GMT
delivery.js
assets.newsmaxwidget.com/master/ 		193 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.newsmaxwidget.com/master/delivery.js
Requested by
Host: static.newsmaxfeednetwork.com
URL: https://static.newsmaxfeednetwork.com/web-clients/bootloaders/TdUGmQOcTfm6Or8W2H9nVT/bootloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80e1dff4e7d1df23d82a08e2e30e2d37d7695b6a96c6f4553f7dc367ec9205c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
last-modified
Thu, 06 Jan 2022 16:22:26 GMT
server
AmazonS3
x-amz-request-id
X8CPKBN6S3XWKP4B
etag
"103fb706332e41989d5290c9d811c9de"
x-hw
1641828955.cds036.lo4.hn,1641828955.cds278.lo4.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
63494
x-amz-id-2
p0KT28Uebq5fRo8NDZQBl2DE4Aro78gAB/FmSsvt+Pvoh0JZvusgJJCJvN/mcNy4JP1wh4eJ5JI=
generic
trends.newsmaxwidget.com/event/ 		0
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.newsmaxwidget.com/event/generic?t=e0BexIGnHI9%2BpNjG49wkYEyVM4y3BQNxwkTNY7a7dgvvBvz6%2FYgrimsvlkxxk7S%2BA%2FaojW3WOF3%2FGbHkr3qzjPKHxbgzvCAowRUaLS4dKWY%3D&e=adapty&s[ref]=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&s[hash]=TdUGmQOcTfm6Or8W2H9nVT
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-91.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 10 Jan 2022 15:35:55 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2640119-1&cid=228879631.1641828955&jid=1333067591&_u=YADAAUAAAAAAAC~&z=1509475401
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2640119-1&cid=228879631.1641828955&jid=1333067591&_u=YADAAUAAAAAAAC~&z=1509475401
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
story
capi.connatix.com/core/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
20b2bb36e937d744519d7c8d585515b03d3b130dd4c92e61d93e7cc0ea452748

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
2390
widget_iframe.21f942bb866c2823339b839747a0c50c.html
platform.twitter.com/widgets/ Frame 425E 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fcrooksandliars.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE2) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2747373
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 10 Jan 2022 15:35:55 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 02 Dec 2021 21:34:18 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CE2)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
loader.js
product.instiengage.com/product-loader-script/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/product-loader-script/loader.js
Requested by
Host: soapps.net
URL: https://soapps.net/live/loader/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:3800:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71a2d4d17fa341504b931b8e2ac60bff5d53f81871a965b1e10925a76bfbe48f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
avr6qrVxLBe3MHpL7p7GQI627nbWzj3w
content-encoding
br
last-modified
Fri, 19 Nov 2021 16:25:07 GMT
server
AmazonS3
age
216
etag
W/"a6acaac366ff6be19be6e71ea32480c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
date
Mon, 10 Jan 2022 15:32:19 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
y0-NPFKAcaKrSBQkkuPoZQlI4Z7WtUNiMFBe0Hs72TgadztME3FLuw==
getThreadsCounters
soapps.net/live/comments/api/externalAPI/ 		166 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/api/externalAPI/getThreadsCounters
Requested by
Host: soapps.net
URL: https://soapps.net/live/loader/counter.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
7200187b2f513d8e5958491d82f4c6b8adaa548c2e718af1277756cd6bf43438
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 10 Jan 2022 15:35:55 GMT
Vary
Origin
Server
nginx/1.17.10
RequestId
947fea81-4666-4a8f-812a-6e461fd766be
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/json
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
166
getThreadsCounters
soapps.net/live/comments/api/externalAPI/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/api/externalAPI/getThreadsCounters
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.17.10
Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Length
0
Connection
keep-alive
RequestId
12cb2e3a-2988-45e2-ac9e-dac01a5294ab
Access-Control-Allow-Origin
https://crooksandliars.com
Vary
Origin, Access-Control-Request-Headers
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Headers
content-type
Strict-Transport-Security
max-age=15724800; includeSubDomains
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
age
13562481
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
fZk9br6V7jveT7G2m_SrE-OaWT4RvVJL0Orn7E9A2MpK2MczEa1Hcw==
ijs_all_modules_59172a559156a275174986debedb08b4.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		530 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_59172a559156a275174986debedb08b4.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3601/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
67ecae2176c57750a105c28037d326728f7a60ccbd7214d3fb6a12571c7e01ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 20:08:35 GMT
content-encoding
gzip
age
329240
x-guploader-uploadid
ADPycdseuVwpzWkeHU6Y2_30A4pqadteZ8HSav5IT6sXagkYzC0IfE2AaXp1-CAvAdg2Dt8ykSHcRHpbe3UwgO3E7GgueBT7MA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
128448
last-modified
Thu, 06 Jan 2022 20:08:15 GMT
server
UploadServer
etag
"9948b12772bc499003e6c12552a5a1f4"
vary
Accept-Encoding
x-goog-hash
crc32c=0HY7vw==, md5=mUixJ3K8SZAD5sElUqWh9A==
x-goog-generation
1641499695584608
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
128448
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 06 Jan 2023 20:08:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
51efa64739a62d888b20194381ef1a14eef553dd303829181021f9ef781c308d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26881
x-xss-protection
0
server
sffe
etag
"1097 / 117 of 1000 / last-modified: 1641807633"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 10 Jan 2022 15:35:55 GMT
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54&uid=d0773446-703e-4748-9935-7778e55be987
183 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54&uid=d0773446-703e-4748-9935-7778e55be987
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
54.149.4.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-4-149.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3b45f771edb3f44cff3ccce014039a37f6f2f402ba16c96ceb73ef0b4ea476a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 10 Jan 2022 15:35:56 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54&uid=d0773446-703e-4748-9935-7778e55be987
Date
Mon, 10 Jan 2022 15:35:55 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_39155b29_4b28ae57_2
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_39155b29_4b28ae57_2&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-nIqaC_JE2uHOcqtTwZjkOJCzLXwPa0Ku~A
151 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-nIqaC_JE2uHOcqtTwZjkOJCzLXwPa0Ku~A
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
54.149.4.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-4-149.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
844c08aa7055085454093624a5030ff7432450add861ebaff60b4cef759d8f28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 10 Jan 2022 15:35:56 GMT
server
nginx/1.18.0
content-length
151
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-nIqaC_JE2uHOcqtTwZjkOJCzLXwPa0Ku~A
date
Mon, 10 Jan 2022 15:35:55 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
445.json
id5-sync.com/g/v2/ 		213 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.183 , France, ASN16276 (OVH, FR),
Reverse DNS
p08.id5-sync.com
Software
/
Resource Hash
947094990b0286fc70c9929451b6e53672176eca58423f3cf5575a3e5ab903a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://crooksandliars.com
Date
Mon, 10 Jan 2022 15:35:54 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.sharedid.org/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.210.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-210-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
envelope
api.rlcdn.com/api/identity/ 		44 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=72
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.253.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-253-33.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 10 Jan 2022 15:35:55 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:41:21 GMT
content-encoding
gzip
age
3483
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 03 Nov 2021 22:03:49 GMT
server
AmazonS3
etag
W/"ebff52074a206856b4f1993710373d93"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
YKsx8hj5KrnoPMoORFuZKjXsbecf1sI_9VM9mJphurkm_4UP4H6M4g==
ice.js
resources.infolinks.com/js/1777.009-3.025/ 		177 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1777.009-3.025/ice.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a371129a6e67d3eb2f475322a81243cf98611e5efcafdff660485b22bdfc1c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6cb6fa5b9b4268fd-FRA
date
Mon, 10 Jan 2022 15:35:55 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 05 Jan 2022 13:50:02 GMT
server
cloudflare
age
8560
etag
W/"2c41c-5d4d607ca5a45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 09 Feb 2022 13:13:15 GMT
/
geoip.insticator.com/json/ 		240 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.181.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-181-133.compute-1.amazonaws.com
Software
/
Resource Hash
2bffd27deccc4940c0be1a637adfdc98a16fb615ac0b0a8a6909624224ed65e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:55 GMT
access-control-allow-credentials
true
x-database-date
Sun, 09 Jan 2022 22:25:18 GMT
content-length
240
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame 6649 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.103.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-103-215.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
79ba8180-7602-460f-b08f-390f950f6751
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		298 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:3e00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0b4fe10b76015de9004e6dc22e8791f7d2dc251e00e02b00a365dfc4fa83945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 08:57:40 GMT
content-encoding
br
last-modified
Mon, 10 Jan 2022 08:57:23 GMT
server
AmazonS3
age
23896
etag
W/"a90300a1d9b09c0277ec5ccb6d1eca99"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
r01ShsPvEJUMPinIdQ7wYwQHm1GTMun0
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-type
application/javascript
x-amz-cf-id
TTVJukDdBi4sTS_9x4bG4CowNOP1OVop394NkreNMx1uVOdY8S7rpg==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ac0bd9ccf76dab801b622a469ce0fd0959a1b359f3eae79c0c8d816285014ea2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 17:49:57 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-32dd5-5d3aba23180c8"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=163075
accept-ranges
bytes
content-type
text/javascript
content-length
65426
expires
Wed, 12 Jan 2022 12:53:50 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		472 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
986aad8897c676d490c46f0b03f18459b9e6fd31d3ede1f0886da9a66534cfa1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Encoding
gzip
Age
211
X-Cache
HIT
Connection
keep-alive
Content-Length
69512
x-amz-id-2
RntJkVs/GKKFK+jRSEbLu0yUN3SQR9QoLJvV67t0A7hfhHKPQmxj1oBfXIL9bCnqaEXyZ0TUwBo=
X-Served-By
cache-hhn4059-HHN
Last-Modified
Mon, 10 Jan 2022 14:49:33 GMT
Server
AmazonS3
X-Timer
S1641828955.496992,VS0,VE0
ETag
"cfc5e11f10a29afa6782c8310b0b3ee4"
x-amz-request-id
FS3TBWR6H4H30F5M
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
6
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
aT8uF5QDZCsxz_FuCjV0EGzNRrUyg9DX
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 18:02:42 GMT
server
AmazonS3
age
40826
etag
W/"51ed6db266476896c6fe9a06992898e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 d79861a030d3421826a919f9c2b00147.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 10 Jan 2022 04:15:30 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
aVcFkx-sb3MDRDElxMGHZ34AJAYQRmRyPo85qP6qCUmlAuDEgmMVyg==
index.html
auth.instiengage.com/auth/ Frame 0257 		73 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:3800:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
text/html
content-length
73
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
accept-ranges
bytes
server
AmazonS3
date
Mon, 10 Jan 2022 15:30:59 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
x-cache
Hit from cloudfront
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
IBq2W9Z9OirsNt0GTDvp6tVWJBhXUnE1d7C7NDY5ztntydLLjAv07A==
age
575
cdb
bidder.criteo.com/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=29&wv=4.25.0&cb=30882462265&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ 		484 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
46b048b983905049aa879341b18e8b731fd1094860c2fd0b7d46a0798da39417
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:55 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8c7ad4c5-5826-48ea-8f0e-da710a4fe772
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
484
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.25.0&referrer=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tmax=1200
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.163.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-163-83.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
x-auction-status
17, 17, 17
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1641828955498&secure=true&version=9&mobile=false&title=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&measurable=true&property=5c7dc3ee68958f00125bb54c&bids[0][bidId]=crooksandliars_300x250&bids[0][sizes][0][width]=300&bids[0][sizes][0][height]=250&foo
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.147.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-147-122.compute-1.amazonaws.com
Software
/ Express
Resource Hash
ab8a2802bf3879ac0b6dae1c03b2adc6706750c2ceb633fbc20462f015385ea4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
x-powered-by
Express
etag
W/"38-MiNU0nrKJ+SIkBlwdCyxUbI2PR0"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
hb
hb.undertone.com/ 		0
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3520&domain=crooksandliars.com
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-124.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://crooksandliars.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
WbS1nNo_Hv5dvOBTLKz9MgUj4jOfjETkPYcbM3xwKBK5DJgWXRba5Q==
expires
Mon, 26 Jul 1997 05:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:27:15 GMT
content-encoding
gzip
age
519
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
05D1H4ZJPKJK1EK2319N
etag
1e39d25f07f5619925357b752ab10d04
vary
Accept-Encoding
x-amz-version-id
qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
-e7QDuAck6xCdrfg_V2yRyUXGPgXHMxy9Qmx8JMGguMP9dJoScOn0Q==
/
hb.emxdgt.com/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1641828955500
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
ac78a10789ce36d8ac70037de52ea213a4aca8de7595f039c1961525717df5d0

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
249430d69e27553764da0bc80dc0705aa5f80776c6785271020825a96dd1fd30

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1a909107fab0dd34e9898b660689246a64f6b9b7f72627ee27f010992de6d85d

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7ffa645ef842062bcbf4a9cbe8ad089b24fd8e4677be19f28ef363409460922f

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
bid
ap.lijit.com/rtb/ 		115 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.25.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
166abb06d677dd6657ba4a3940993b906a3801f4afb5f99d551d051fd1417fce

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
111
prebid
ib.adnxs.com/ut/v3/ 		479 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b42a34c9060e736fc7c941400a69fbd4be5441f6cbed8018eccbb5ba0d0054ae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:55 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
53dee300-8969-4df9-9b3b-9e697f37c422
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
479
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
propermedia-d.openx.net/w/1.0/ 		73 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90%2C970x90%2C970x250%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%2C300x600%7C300x250&auid=540403958%2C540403959%2C540403960%2C540403962&aumfs=900%2C100.00000000000001%2C100.00000000000001%2C100&dddid=ce8d2556-aefa-473e-9154-20d33608476e%2C17c62e7c-3310-4bf5-b055-a3b5cc692b48%2Cceae1984-f49f-4ef7-9684-ab5aa539fbca%2C9dd49951-f59e-4e98-9a50-b23e6d13e2c7&divIds=openx-ee157515-c703-49ba-b9f7-cb968d53a3af%2Copenx-825e0e63-b011-421a-99bf-a4fcd68c07de%2Copenx-32162431-cd8c-4e22-add6-482ca53ab217%2Copenx-02424864-5f01-41ff-a7a4-c61cbc376a8b&be=1&bc=hb_pb_3.0.1&nocache=1641828955503&schain=1.0%2C1!proper.io%2Ce5963be0-eb92-11e9-a488-69e3386c7506%2C1&id5id=0&_pubcid=608a8c59-2913-4689-8fc5-8eff4d015c14
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
0213bc44ead6718b244d5a465c655a164c2eafad5fcca094b54a6270574772c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://crooksandliars.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
0
headertag
as-sec.casalemedia.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22441218008%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-YMgci%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-YMgci%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22160x600-1-koZ8i%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-koZ8i%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22160x600-2-m6umG%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-2-m6umG%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-1-kAzeX%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-kAzeX%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-2-hWOf6%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-hWOf6%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-3-WaVIj%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-WaVIj%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-1-iz7jj%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-iz7jj%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-2-HRYgp%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-2-HRYgp%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x250-1-ZfY6m%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-1-ZfY6m%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5963be0-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&t=300&fn=window.proper_f45d2b45_c371f1bb_3
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a1f83e9fba03728f15ed3378e7510ca4168cdd47a193061c957e70f248f3b27f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1462
X-AK-CLIENT-GEO
12
Expires
Mon, 10 Jan 2022 15:35:55 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=pn5JiZ1w14hHksqGyAziYrrZ&bidId=pn5JiZ1w14hHksqGyAziYrrZ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5963be0-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.246.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=qEuK1gtPXLZNEzojFC4yxwTf&bidId=qEuK1gtPXLZNEzojFC4yxwTf&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5963be0-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.246.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=KPmFNstvKZhZoZkaJi8hg4Po&bidId=KPmFNstvKZhZoZkaJi8hg4Po&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5963be0-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.246.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:55 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=QJJoshB5L8QGo1Z8uwJS6UtJ&bidId=QJJoshB5L8QGo1Z8uwJS6UtJ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5963be0-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.246.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-246-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:55 GMT
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		593 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=238568&zone_id=1176710&size_id=2%3B15%3B15%3B15&alt_size_ids=57%3B9%2C10%3B9%2C10%3B&rp_floor=0.1%3B0.10000000000000002%3B0.10000000000000002%3B0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=5983ae51-182d-4254-be32-8003be604fe1%3B9ee206a2-b3b5-41f0-a01a-338bf86e2abf%3B34dbb340-675b-4a9a-a9cd-580a8f4a019f%3B8653ea95-c44f-4736-8316-dc7c63689996&p_screen_res=1600x1200&tg_fl.eid=1176710-5%3B1176710-1%3B1176710-2%3B1176710-3&rf=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&x_source.pchain=proper.io%3Ae5963be0-eb92-11e9-a488-69e3386c7506&ppuid=524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=608a8c59-2913-4689-8fc5-8eff4d015c14%5E1&rp_schain=1.0%2C1!proper.io%2Ce5963be0-eb92-11e9-a488-69e3386c7506%2C1&slots=4&rand=0.8273128466686135
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
637d414442545af9528d885e9a00356bbc0466ed608d80b9cb2a6220d5f648b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:55 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
593
Expires
Wed, 17 Sep 1975 21:32:10 GMT
mvo
tag.1rx.io/rmp/78983/0/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/78983/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		165 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
last-modified
Fri, 30 Jul 2021 21:19:34 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a1416-29219-5c85dc6abdd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=158166
accept-ranges
bytes
content-type
text/javascript
content-length
54050
expires
Wed, 12 Jan 2022 11:32:01 GMT
sr
capi.connatix.com/tr/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
1a2a6e34-072c-420f-91f8-cbaa0cdc74e0.bin
vid.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/1a2a6e34-072c-420f-91f8-cbaa0cdc74e0.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a591f4319432694f7856ed068d5cbc848aa46b72209c87afcab79d80f8c67cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
last-modified
Mon, 10 Jan 2022 06:33:21 GMT
age
32483
etag
"cffb7080f2868a1088af4f3e6e624d21"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
786
roboto-regular.woff
prod-static.yappaapp.com/assets/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prod-static.yappaapp.com/assets/roboto-regular.woff
Requested by
Host: prod-static.yappaapp.com
URL: https://prod-static.yappaapp.com/assets/roboto.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:6801:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7838acd6a8bd0836972523ffbe20c9745d03b07d89968d9cc9bc57f46e567895

Request headers

Referer
https://prod-static.yappaapp.com/assets/roboto.css
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 06:43:13 GMT
via
1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
age
236086
x-cache
Hit from cloudfront
content-length
20924
last-modified
Tue, 14 Dec 2021 12:10:17 GMT
server
AmazonS3
etag
"b3be96cbbfd0ff1f3ba3c7c2f58c1441"
access-control-max-age
0
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=259200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
nMXq5dGBT_74tCwCv0c0ae7dbgUAdRNfrRQjkX5qLzm0n1GSNJj4lw==
expires
Wed, 21 May 2025 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126524
x-xss-protection
0
expires
Mon, 10 Jan 2022 15:35:55 GMT
pls
capi.connatix.com/core/ Frame 3C9B 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
8cbe9bda008b0507a0076c7dd3b03c6074bd4d48817234e897cb9940581947a5

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
2280
1.png
img.connatix.com/d60f5cfc-7f17-427b-8453-12b256768837/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d60f5cfc-7f17-427b-8453-12b256768837/1.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba1ab31c0baa328a01132704ed3c7f669e8e92485a64517ae1b0cc3ecb67029e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
br
age
2023659
etag
"6RuZS0nK8heEMrc/ff4Z1iAw8+otXxH/g5bcQ2H81vs"
access-control-max-age
86400
fastly-io-info
ifsz=12625 idim=108x87 ifmt=png ofsz=11693 odim=108x87 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
11679
/
conversations.yappaapp.com/ Frame 0CA7 		662 B
633 B 		Document
General
Check archive.org
Download Go to
Full URL
https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Requested by
Host: comments.yappaapp.com
URL: https://comments.yappaapp.com/embed/yappa-comments.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1102609ea6a0c6229b8bc92bbaa3b814c24f89191954f8141b902f42d2705272

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-type
text/html
last-modified
Tue, 14 Dec 2021 12:12:55 GMT
cache-control
public, max-age=0, s-maxage=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rweQHOrqRgO%2BgqbK6Cho%2BWLeQVVtPmGloel1tf0TJOAk34k9aIjoUQZQCspt4RSd6eBaa%2BAMvoW%2FRgddEmfKO8MO9FK9XEBYlhEU54lar80AVjGp8LrPKWX9fgAEUe7mQnxz7ST7O1LZOL8Ssb3Zck5bcyvczz02Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6cb6fa5cac3d2199-DUS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pubads_impl_2022010402.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
dbd5e5c6f492cb57725acb0285b903b83c24dfe4337eea573ff6e6168733156a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119548
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 15:59:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 10 Jan 2022 15:35:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		327 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=crooksandliars.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
3e9e01354478cafbb69fea2c888c0d78a467f5fa137b6c51bde283bfd2a234cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
151
x-xss-protection
0
expires
Mon, 10 Jan 2022 15:35:55 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 6A5A 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:27:15 GMT
content-encoding
gzip
age
519
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
05D1H4ZJPKJK1EK2319N
etag
1e39d25f07f5619925357b752ab10d04
vary
Accept-Encoding
x-amz-version-id
qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
8q9-D8QltlH4n4UU-FLmIifcXpbzsH-j4I7FTMNQQo7ojoFGDZGATA==
pixel;r=1610363640;labels=type.article%2Csite.Crooks%20and%20Liars;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his;uht=2;fpan=1;...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1610363640;labels=type.article%2Csite.Crooks%20and%20Liars;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his;uht=2;fpan=1;fpa=P0-882604230-1641828955639;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=crooksandliars.com;je=0;sr=1600x1200x24;dst=0;et=1641828955639;tzo=0;ogl=title.Bannon%E2%80%99s%20AntiVax%20'Correspondent'%20Blames%20COVID%20On%20Biden%252C%20BLM%252C%20Antifa%2Curl.http%3A%2F%2Fcrooksandliars%252Ecom%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%2Ctype.article%2Csite_name.Crooks%20and%20Liars%2Cimage.http%3A%2F%2Fcrooksandliars%252Ecom%2Ffiles%2Fmediaposters%2F2022%2F01%2F49279%252Ejpg%2Cimage%3Awidth.1200%2Cimage%3Aheight.674%2Cdescription.Real%20America's%20Voice%20%22correspondent%22%20Ben%20Bergquam%20has%20been%20hospitalized%20with%20the%2Ctwitter%3Aimage%3Asrc.http%3A%2F%2Fcrooksandliars%252Ecom%2Ffiles%2Fmediaposters%2F2022%2F01%2F49279%252Ejpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 8F9E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_59172a559156a275174986debedb08b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

x-guploader-uploadid
ADPycdsvaS1_fNW9r9KNy8pti7p7MlT89U5UfI9Mx9hdCkt9wEyFXnwY81gK6mLmeTQmhdLJAM4RkeRzIUEPC1cfJVZ8Su6wPQ
date
Thu, 16 Dec 2021 11:11:35 GMT
expires
Fri, 16 Dec 2022 11:11:35 GMT
last-modified
Sat, 11 Dec 2021 16:19:57 GMT
etag
"b8c50f18cc5fed1c5c680e124f7d03d5"
x-goog-generation
1639239597546174
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
content-type
text/html; charset=UTF-8
content-encoding
gzip
x-goog-hash
crc32c=rMxtkA== md5=uMUPGMxf7RxcaA4ST30D1Q==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
1055
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
server
UploadServer
cache-control
public,max-age=31536000
age
2175860
alt-svc
clear
bundle.js
auth.instiengage.com/auth/ Frame 0257 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:3800:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
jkvVs5l1bdD4_CiNx2O8LCKAIlX14uq9
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 14:58:37 GMT
server
AmazonS3
age
294
etag
W/"3f019eeba204464fe4c8dad30cf9150b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
date
Mon, 10 Jan 2022 15:31:02 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
s4RMVqXtlr5ueNQsZ893H6NjbSFyeikLOwR94hcDQCnXmyuSIpLl2w==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcrooksandliars.com%2F&domain=crooksandliars.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://crooksandliars.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1206
date
Mon, 10 Jan 2022 15:35:55 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcrooksandliars.com%2F&domain=crooksandliars.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=j-u_13xPdlJqTXI4YlR2YTRRL3VUUzZWVElZcElPR2ROMEozcVpVV0lrUjJyYmlYSjlMNmE4OEdUS0swMGRabGZCRHlHekl6RUh0NitlNE9XQ0dCeDlVblhDUm1sK1F0MGtxUDluNTVmZjhiVE5zMHpibTlGTDZLdmlaZX...
342 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=j-u_13xPdlJqTXI4YlR2YTRRL3VUUzZWVElZcElPR2ROMEozcVpVV0lrUjJyYmlYSjlMNmE4OEdUS0swMGRabGZCRHlHekl6RUh0NitlNE9XQ0dCeDlVblhDUm1sK1F0MGtxUDluNTVmZjhiVE5zMHpibTlGTDZLdmlaZXp4dEx3Mm5KbVk1RzY4ZDN5U1NWYlQ0VjBXVTF6R1QzcTROMzJ4UGxwS1dKMnVhRFZRKzF0ZGFlYy9jd1ppU3hlZlhDbFliNnBUcEZycHVscjIwckdsejhwUE1mSHE4ditCeW1RT3phK0FGVkM0N3pKcTdBPXw&cppv=2
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
80254c5d2966b83ca375d8ffcc626d1ba39dcc6e4e3653218a92a37c14b09d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2643
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
location
https://mug.criteo.com/sid?cpp=j-u_13xPdlJqTXI4YlR2YTRRL3VUUzZWVElZcElPR2ROMEozcVpVV0lrUjJyYmlYSjlMNmE4OEdUS0swMGRabGZCRHlHekl6RUh0NitlNE9XQ0dCeDlVblhDUm1sK1F0MGtxUDluNTVmZjhiVE5zMHpibTlGTDZLdmlaZXp4dEx3Mm5KbVk1RzY4ZDN5U1NWYlQ0VjBXVTF6R1QzcTROMzJ4UGxwS1dKMnVhRFZRKzF0ZGFlYy9jd1ppU3hlZlhDbFliNnBUcEZycHVscjIwckdsejhwUE1mSHE4ditCeW1RT3phK0FGVkM0N3pKcTdBPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1943
content-length
482
expires
0
/
onetag-geo.s-onetag.com/ 		555 B
971 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-41.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 19:08:25 GMT
via
1.1 29f7132906866b79866659848b3a3b69.cloudfront.net (CloudFront), 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
age
73650
x-amzn-requestid
fe55944c-1c4b-4e11-923f-4587c59dda3d
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P3, FRA56-P5
x-amz-apigw-id
LsTaeFX4CYcFyVw=
content-length
555
x-amz-cf-id
zqWdOrD1S1Sl7ETZ33AkCzNK1FJaoGXWznrdWZldmAkZiHpNk29rxg==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding
gzip
etag
W/"ea838863b2b3bf40d1353c99808a5464"
last-modified
Tue, 09 Nov 2021 13:26:48 GMT
server
AmazonS3
age
12422
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 10 Jan 2022 12:08:54 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
W6ZDYY97dBBDsLaK6IjLncjIY3TW3A553PsX1NyqyKhB4IHFH84WqQ==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201060907/ 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201060907/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34c32eeae87ec0ddd2efd4762a8fc9c0aeca9cade89f466923ad23ff8bb849a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Encoding
gzip
Age
267
X-Cache
HIT
Connection
keep-alive
Content-Length
60869
x-amz-id-2
R71lTCt+DSML/xJAXu47jNOzBTg2Zmm1tpInDQCF4zz+sLczsDLCyhcTlEyhWagYnXCtLEoTDXc=
X-Served-By
cache-hhn4059-HHN
Last-Modified
Thu, 06 Jan 2022 14:12:48 GMT
Server
AmazonS3
X-Timer
S1641828956.735042,VS0,VE0
ETag
"1182e09311a5320d3c428f2adc809ed0"
x-amz-request-id
ABE4VM94QHNTAVG0
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
511
ao
capi.connatix.com/tr/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ 		124 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
81d9a567b6d4a27c0ede6829ff56307a3522d28394418e31bcaa53eae310c995

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
125
ps
capi.connatix.com/tr/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:35:54 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
5db029b4-f871-4845-995f-bc64a72de815.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/5db029b4-f871-4845-995f-bc64a72de815.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
454f1b58ed74d45febd1bc926050f98145593ca8c15917f84ba3e8adb3977ccb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
br
age
32481
etag
"HLq8sn7sV4dvFdxPINvZq3O/+XRwy5IeQNLU8OD1mJ8"
access-control-max-age
86400
fastly-io-info
ifsz=1058971 idim=1276x542 ifmt=png ofsz=21814 odim=600x410 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
21418
manage
router.infolinks.com/usync/ Frame D7C8 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1777.009-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0013c88ee4495a861519f66361d12a922b234de71d5fdd9dce84a74ffae48963

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6fa5df8eb68fd-FRA
content-encoding
gzip
lcmanage
router.infolinks.com/usync/ 		0
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1777.009-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6cb6fa5df8ed68fd-FRA
content-length
0
gsd
router.infolinks.com/ 		317 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3325427&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&jsv=1777.009-3.025&_cb=16418289558260
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1777.009-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1129654ac52be55932cbe8483d6c8b6cc7e5124f054aafd34b0f05d04fe806e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/javascript;charset=UTF-8
content-encoding
gzip
cache-control
max-age=0
cf-ray
6cb6fa5df8f168fd-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
insticator
insticator.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.43.4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:35:56 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
342001598
age
0
via
1.1 varnish
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-length
0
vary
Origin, Access-Control-Request-Headers
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
content-type
access-control-max-age
3600
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6fa5eb905233d-ZRH
hb
ssc.33across.com/api/v1/ 		65 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bfg5H-dWur64rQaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
20c2d1666247904f1e30dc9d1f03e66d8a2a90ec11594aed6f1572561e892e1c

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		65 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bi21t-dWur64rQaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
4b8b57482dc1388a35edd1d44221fed0bf18ec4248a9b101ec2e8df01192b708

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		65 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=a7MD9EdWur64rQaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8910eda6921f46c9c05c0b9ec5a1700b07db92583767107dabef4e4b498b3df9

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		65 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=baGR9kdWur64rQaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
3ee631c3f6b123d42207c89e8e6d8a31cfc857829f5c9104f923e759bed3afd3

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		65 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bfg5H-dWur64rQaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
6dd9dc02e883c609cfdcf09de45bcb001f9f47a57496ff8fe082d745906c41af

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		64 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bi21t-dWur64rQaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
9ccc9714fd4c1a6a0bb7c531cac3bc1264568b78f5205066889808c339771521

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
insticator
insticator.technoratimedia.com/openrtb/bids/ 		0
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.43.4
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
324078136
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://crooksandliars.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
mvo
tag.1rx.io/rmp/235073/0/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/235073/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://crooksandliars.com
pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
openrtb
ex.ingage.tech/v1/ 		2 KB
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ab8da720d07fe4cb6ff1307d2f8663d410bd72a13f1d70150e3b8b951c4654a

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
cf-ray
6cb6fa6068b5374a-MXP
prebid
ib.adnxs.com/ut/v3/ 		700 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1c62070a452c4d13bbdd242bb89363ad291428e0c3d6caede17cc28e71203682
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
97a0d593-b668-413a-b87e-aa1506f2661c
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		699 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ab0bd339a2bb4364ba2966bb9274e9845df3eee8b6ea37e4967e5cd010f7304f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
86bc7b10-20a3-46fe-8f74-b6ac3c0ae954
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
hb.emxdgt.com/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1641828955902&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-46.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
arj
insticator-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8111d38c-c7c5-4f2d-8a3c-8d8d6162a9ae%2C7c70507a-8dc1-48bf-ad24-a5a4e33245b6%2C6f1a8d50-c701-4a07-988b-28b115ed5f6e%2C2836fe49-c755-41de-a33d-2c39f4a707f1%2Ccb7c5ed5-2795-484c-a97c-c152f598f5dc%2C48589611-079f-4ea1-88f4-b820a5bece73&nocache=1641828955904&id5id=0&pubcid=94ef7167-44e2-4f9b-a8f8-c7b1073b8734&schain=1.0%2C1!insticator.com%2Cecf2723f-6eaf-4718-a72f-4d6205343dab%2C1%2C%2C%2C&aus=320x50%2C300x250%2C336x280%7C320x50%2C300x250%2C336x280%7C320x50%2C300x250%2C336x280%7C320x50%2C300x250%2C336x280%7C320x50%2C300x250%2C336x280%7C320x50%2C300x250%2C336x280&divids=div-insticator-ad-3%2Cdiv-insticator-ad-4%2Cdiv-insticator-ad-cmt-1%2Cdiv-insticator-ad-cmt-2%2Cdiv-insticator-ad-cmt-3%2Cdiv-insticator-ad-cmt-4&aucs=%2C%2C%2C%2C%2C&auid=543540054%2C543540054%2C543540054%2C543540054%2C543540054%2C543540054
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
b459607bb7efdc1c777bd357a45f72b10e16b20f1e5632dd10eb9d5781adb9be

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://crooksandliars.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
cf-ray
6cb6fa5ebfa64e98-FRA
access-control-allow-headers
Content-Type, Origin
v1
dmx.districtm.io/b/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
cf-ray
6cb6fa5ebfa84e98-FRA
access-control-allow-headers
Content-Type, Origin
c
prebid.a-mo.net/a/ 		0
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:55 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ 		95 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
effdb42581d0ff03e56f43d6a62d50267ba1087d9ba84e7d6214dfed9d0986ca

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
fastlane.json
fastlane.rubiconproject.com/a/api/ 		837 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=154346&zone_id=733758%3B733762%3B733754%3B733756%3B733758%3B733762&size_id=15&alt_size_ids=16%2C43&rp_schain=1.0,1!insticator.com,ecf2723f-6eaf-4718-a72f-4d6205343dab,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=94ef7167-44e2-4f9b-a8f8-c7b1073b8734%5E1&rf=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tk_flint=pbjs_lite_v4.43.4&x_source.tid=16acb244-a94d-4f1f-bf6e-c2ce89e9af28%3B16159f4e-4337-4ce2-b0f0-c0b59d451117%3B38109e9a-36c2-417c-8991-fc37d40a6d54%3B02581471-0ed3-4205-b48f-f64120c0bc5e%3B4a53d15a-66c8-49f6-9a9b-8dc90d0e6dff%3B7cb7f966-af31-4733-9e13-61617a38a2e6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=6&rand=0.09887167132513541
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6db0db45a211f4a6d9bba32c50d6c208ec95a0601927791de0eb9dad4dc90683

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:56 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
837
Expires
Wed, 17 Sep 1975 21:32:10 GMT
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=18037&pi=3&bf=300x250%2C336x280&schain=1.0%2C1!insticator.com%2Cecf2723f-6eaf-4718-a72f-4d6205343dab%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.4%22%7D&ogu=http%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ns=9830
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1e053bd99cf697a58e1e0c5192a13c7035b61a1f81e0b4c28f12833fd034321b

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=18038&pi=3&bf=300x250%2C336x280&schain=1.0%2C1!insticator.com%2Cecf2723f-6eaf-4718-a72f-4d6205343dab%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.4%22%7D&ogu=http%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ns=9830
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
62ef3f35e05829f05a938328c077400b7937140e4936d00dae1a68efd878656f

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=81515&pi=3&bf=300x250%2C336x280&schain=1.0%2C1!insticator.com%2Cecf2723f-6eaf-4718-a72f-4d6205343dab%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.4%22%7D&ogu=http%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ns=9830
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6034ef66d58adbe1313bfe3cc17a0afd15316cedb10e75b6b4efe39df03519b4

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=81516&pi=3&bf=300x250%2C336x280&schain=1.0%2C1!insticator.com%2Cecf2723f-6eaf-4718-a72f-4d6205343dab%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.4%22%7D&ogu=http%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ns=9830
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e937e6636b7dda33402ca7899484227e744ab126566bae037c6195f5aab0478

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=81517&pi=3&bf=300x250%2C336x280&schain=1.0%2C1!insticator.com%2Cecf2723f-6eaf-4718-a72f-4d6205343dab%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.4%22%7D&ogu=http%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ns=9830
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8941f55ce38f172b17086023856f60ef45f68b1abcec4db60b88a3ef16d695b1

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=81518&pi=3&bf=300x250%2C336x280&schain=1.0%2C1!insticator.com%2Cecf2723f-6eaf-4718-a72f-4d6205343dab%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.4%22%7D&ogu=http%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&ns=9830
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
322d976642feb8a836b55bf9204647bc8c505842da8a465b1107d819b8ed9516

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
trinity.json
apex.go.sonobi.com/ 		205 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22100b2dfa8cc3e61%22%3A%22708b11912afbdf6f60d3%7C320x100%2C320x50%2C300x250%2C336x280%22%2C%22101aacbaf47a4e5c%22%3A%22facd47fdd540379a2ff7%7C320x100%2C320x50%2C300x250%2C336x280%22%2C%221026d4d16eab23a8%22%3A%22edec79958bb6d03283ff%7C320x100%2C320x50%2C300x250%2C336x280%22%2C%22103e4b68a4660a06%22%3A%222001df652e022dbf3b32%7C320x100%2C320x50%2C300x250%2C336x280%22%2C%22104a29e1e56cb8c7%22%3A%22708b11912afbdf6f60d3%7C320x100%2C320x50%2C300x250%2C336x280%22%2C%22105b94069fed1bda%22%3A%22facd47fdd540379a2ff7%7C320x100%2C320x50%2C300x250%2C336x280%22%7D&ref=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&s=70c994bb-acb6-4d97-81ee-7cb0e40aed3f&pv=4b79089b-75c8-4f06-8b53-3aac82ec9edc&vp=desktop&lib_name=prebid&lib_v=4.43.4&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22ecf2723f-6eaf-4718-a72f-4d6205343dab%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22pubcid%22%3A%2294ef7167-44e2-4f9b-a8f8-c7b1073b8734%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2294ef7167-44e2-4f9b-a8f8-c7b1073b8734%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
01faf18c8eec9dde1557cc1ebb093733c53a1b432623c5e56ea3e499eea7c914
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:56 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
163
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		716 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
cbdcf54f5d42211db2ab2b2381c1d1334c2db619602f74f82848e21614a419e1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 10 Jan 2022 15:35:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
229962a8-5a90-4ab2-82a6-78f6b604bcc8
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=579236&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221130554c77538a37%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A6%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A6%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22id5id%22%2C%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%22ecf2723f-6eaf-4718-a72f-4d6205343dab%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221144f52361e71bd5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22115e1ba835778ae5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22116faa0baa890b15%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22117dc787f8ec4978%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22118f30895aba087a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2211994358f768ae5a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221207593f0255db28%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212151fb7d60bae5f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579236%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22122253f0202af3ac%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22123327a488d7c1b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22124437e90a877a31%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22125d21643462547e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22126fd123ad8f5436%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22127c4dee3d7b51be%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22128cb2003e5d98c7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22129d048d3bf6c688%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22130aa66c3621c3d7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22131dfa5e74b17955%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221329aef89de592e4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22133ccc2251310d2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22134f66a47408f815%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22135420d10f14adf9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221369bab645f98d39%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22137d44ea41bd1788%22%2C%22ext%22%3A%7B%22siteID%22%3A%22579237%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff6148c387eccc3429992beeec33ddd0a4608155c89e97f55da8c55aa303dc5f

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://crooksandliars.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
2086
x-ak-client-geo
12
expires
Mon, 10 Jan 2022 15:35:56 GMT
settings
syndication.twitter.com/ Frame 425E 		232 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=4d18422db88527a4373075524b44338770582ea7
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fcrooksandliars.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
105
date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
last-modified
Mon, 10 Jan 2022 15:35:56 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
822b764e599040dfe6fb65eec88c99a443962becfad9e71aed8f10e94e303c93
content-length
166
insights.bin
ins.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/4/ Frame 3C9B 		92 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/4/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
732cde5447c457c1d068340db6b2c5ea8c8aa2e3580b52d5ddd2b6b70df80487

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 18:17:43 GMT
age
495036
etag
"aa88731ed62fc23d0e7676b1612e7718"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
106
sr
capi.connatix.com/tr/ Frame 3C9B 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
4_media.bin
vid.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/ Frame 3C9B 		282 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/4_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1dce8675b1d4112cccf82d715db0d58289d2709a19910bc91bbfb356867cb03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 18:17:43 GMT
age
446220
etag
"44c15264a40b842fa3b5e266359bbb42"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
245
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3C9B 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126524
x-xss-protection
0
expires
Mon, 10 Jan 2022 15:35:56 GMT
5db029b4-f871-4845-995f-bc64a72de815.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/5db029b4-f871-4845-995f-bc64a72de815.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f1ccdf09adebe92ab445c323413d4d59dcdfba58ac9c9e51fabe63e0b17ce11a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
age
32481
etag
"NgYHxZmC9qPC08r8PiE/4q4eN4k2ZEibmgn0nt8ByBc"
access-control-max-age
86400
fastly-io-info
ifsz=1058971 idim=1276x542 ifmt=png ofsz=19465 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
19100
779cf36b-1b9b-4076-82da-87c72aef9308.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/779cf36b-1b9b-4076-82da-87c72aef9308.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4998c74ff02ea8b3a61f9859f1224bfd9dccb639a9726e933428a5fbf90cd405

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
age
32481
etag
"Hil2u7Sv/uoWm/5RK7bF8E7A3lLTrntH/THKz4SBUQg"
access-control-max-age
86400
fastly-io-info
ifsz=407923 idim=1300x735 ifmt=jpeg ofsz=24579 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
24221
beb33743-24c4-4dde-819d-ace0cca5eb68.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/beb33743-24c4-4dde-819d-ace0cca5eb68.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95c053147d91937015a02b47a68b61283011b1fd2aaffec4b166b466c5a93cbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
age
32481
etag
"RVt2hwusttUWX8XXu9MY5pjG5EKKWyWCoZZ4Z97gdjs"
access-control-max-age
86400
fastly-io-info
ifsz=1840190 idim=1546x884 ifmt=png ofsz=21952 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
21554
56558413-761e-4831-9afc-3c114f527251.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		28 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/56558413-761e-4831-9afc-3c114f527251.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d155e549e3c9e8a150bab1d9183352ca07d308d8db4e711a80e553df70450ad4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
age
32482
etag
"L0JkacH4f4L5KKk5uJLgNywAOLGUCOnHwM9iARdnNDQ"
access-control-max-age
86400
fastly-io-info
ifsz=841279 idim=1280x718 ifmt=png ofsz=28337 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
27833
ecc4fee9-a3bf-4d17-9401-6f73cfab1b80.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		22 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ecc4fee9-a3bf-4d17-9401-6f73cfab1b80.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eec3858c10015aa48ad6b41699da545031b26063661a970c168b46d8312c551b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
age
32482
etag
"p+G6XKEkxekwZtGOtNhc6F61UO53L+Dt2NulxMJwm2M"
access-control-max-age
86400
fastly-io-info
ifsz=32695 idim=550x309 ifmt=jpeg ofsz=22044 odim=549x309 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
21617
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=j-u_13xPdlJqTXI4YlR2YTRRL3VUUzZWVElZcElPR2ROMEozcVpVV0lrUjJyYmlYSjlMNmE4OEdUS0swMGRabGZCRHlHekl6RUh0NitlNE9XQ0dCeDlVblhDUm1sK1F0MGtxUDluNTVmZjhiVE5zMHpibTlGTDZLdmlaZXp4dEx3Mm5KbVk1RzY4ZDN5U1NWYlQ0VjBXVTF6R1QzcTROMzJ4UGxwS1dKMnVhRFZRKzF0ZGFlYy9jd1ppU3hlZlhDbFliNnBUcEZycHVscjIwckdsejhwUE1mSHE4ditCeW1RT3phK0FGVkM0N3pKcTdBPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1037
date
Mon, 10 Jan 2022 15:35:55 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
theme.css
embed.crooksandliars.com/css/ Frame 49FB 		43 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.crooksandliars.com/css/theme.css?1591398763000
Requested by
Host: embed.crooksandliars.com
URL: https://embed.crooksandliars.com/embed/dZAeyHMz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.238.37.138 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
dean.crooksandliars.com
Software
nginx / Express
Resource Hash
7a542f4a9339c46375dc651de903e3ede596f04c48cb061c292bc2e75052d06d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.crooksandliars.com/embed/dZAeyHMz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
etag
W/"aa56-17286c209f8"
last-modified
Fri, 05 Jun 2020 23:12:43 GMT
server
nginx
x-powered-by
Express
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 49FB 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: embed.crooksandliars.com
URL: https://embed.crooksandliars.com/embed/dZAeyHMz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126524
x-xss-protection
0
expires
Mon, 10 Jan 2022 15:35:56 GMT
js
www.googletagmanager.com/gtag/ Frame 49FB 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2640119-6
Requested by
Host: embed.crooksandliars.com
URL: https://embed.crooksandliars.com/embed/dZAeyHMz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b32af52876ce17886b034fd38bb3ac3c5037523ab2e7198b4b43decf65be408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36249
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jan 2022 15:35:56 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 03:17:35 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
44302
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
S9Yi5-rfC-ErvsXn5uI1Zt8DRYHSWOoiQm5bdoDfVpzWmHP2MB8tvw==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcrooksandliars.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
831eaf6f1c288f766382de0ff923046ec00f3e7346af39b1849c0630203215ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:21:18 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server
Server
age
877
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
content-length
1123
x-amz-cf-id
zd4Uzr5LwXs9Ft6xsBUswgcJqastch5XB3xZS8X8Nk9YGGd62lu-qQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pid=AyaCPIenxVRiq&cb=0&ws=1600x1200&v=7.71.1&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&schain=1.0%2C1!proper.io%2Ce5963be0-eb92-11e9-a488-69e3386c7506%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-amz-rid
NFF7V03KPV2071EP5BYR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
JCghGJVo9HlAImQdFwt600Rc-BHmnIP7JZyPffzTEtwo7WyR52jH4w==
/
trends.newsmaxwidget.com/api/demand/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/api/demand/?w=167087&wlw=newsmaxwidget.com
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-91.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:56 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.newsmaxwidget.com/ 		0
171 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/sync
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:56 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
www.facebook.com/tr/ Frame 818E 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://crooksandliars.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Mon, 10 Jan 2022 15:35:56 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 6A5A 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcrooksandliars.com&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
2e0b76760753ecabd92d6562f5900f745acbefc7226fd4af4127f9aaeea9dba2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:21:18 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server
Server
age
877
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
content-length
1897
x-amz-cf-id
blFJ77ELyu7osmhxcWv6uaR6SkKXHHVlS8n1xdaxJXsmlF8ra6_pKA==
bid
c.amazon-adsystem.com/e/dtb/ Frame 6A5A 		64 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pid=AtJ9t9WiMhhu1&cb=0&ws=0x0&v=7.71.1&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fcrooksandliars.com_Web_300x250_3%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fcrooksandliars.com_Web_300x250_4%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fcrooksandliars.com_Web_300x250_cmt_1%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fcrooksandliars.com_Web_300x250_cmt_2%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fcrooksandliars.com_Web_300x250_cmt_3%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fcrooksandliars.com_Web_300x250_cmt_4%22%7D%5D&schain=1.0%2C1!insticator.com%2Cecf2723f-6eaf-4718-a72f-4d6205343dab%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-amz-rid
D7KQ6AMFJBE6B7QBZQ0G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
IHeHG5jkTBCn9VMwK43GWJdJiRVEdzdgGlkZRRMVjPcd5BSlxrxQ4A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6A5A 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-109-174.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 03:17:35 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
44302
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 22 Dec 2021 01:41:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
gkDRjRgNpZtNi0f1py1d3mR5ESikUyNl9Bsx3LSKDe-4y1ko-pm74A==
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame A657 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
165649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 10 Jan 2022 15:35:56 GMT
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame 9C9B 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
165649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame 8989 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
165649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ats.js
ats.rlcdn.com/ Frame 6A5A 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-88.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 10:24:28 GMT
content-encoding
gzip
age
18689
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
vary
Accept-Encoding
x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
ygdjzTTdEivyY1goB4uMDbx85vcfLBj8CtSQWJdwx4tJELgKGpOwVQ==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 6A5A 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Mon, 10 Jan 2022 15:50:56 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame 6A5A 		53 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ac92e70058c44e5a5dee833057b97874cfa406a163fbd0079e885730eef0179

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:56 GMT
Content-Encoding
gzip
Age
2427
X-Cache
HIT
Connection
keep-alive
Content-Length
12946
x-amz-id-2
kE45j8JyJLRdV9JY7SVt4NEsJW2CnnR0EB0sR/xe6PMAS58bokd6Bb6+PX9P0VintwN2a/39uac=
X-Served-By
cache-hhn4059-HHN
Last-Modified
Mon, 10 Jan 2022 14:35:52 GMT
Server
AmazonS3
X-Timer
S1641828956.320345,VS0,VE0
ETag
"74b2967d3d7de186b07a1d457168aa4c"
x-amz-request-id
CR8MYABG6WJXFPYS
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
198
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 6A5A 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Mon, 10 Jan 2022 15:14:38 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10430
x-request-id
998048927
app.7c07f929.css
conversations.yappaapp.com/css/ Frame 0CA7 		94 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://conversations.yappaapp.com/css/app.7c07f929.css
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd3c75804e2ae8052ed78d37fddf681f2ad49472b276cca4cc6bad29b356425

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 12:12:55 GMT
server
cloudflare
age
11381
etag
W/"61b88a47-1763a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAaxdGp4seSj5vFbUdCNHmMgo9Rv5bmQvDg9FY2Za3Bbr%2Fc89CEElrlviugWyZyZTGJrRjuGUqPQPsZm%2FJELprYD6XNnn6lRex2zYlO%2BQl8LXjitARSlhW63j0sUmxgMN1Xdef0zHdmrwbuilqUMaci57QnXPRdR%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6fa61396c83b8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.18dab191.css
conversations.yappaapp.com/css/ Frame 0CA7 		82 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://conversations.yappaapp.com/css/chunk-vendors.18dab191.css
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca111e34edd206852e0d65ac8fafc269e4ae722cd3766943cedf57d5a385ad52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 12:12:55 GMT
server
cloudflare
age
11381
etag
W/"61b88a47-14644"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFliBu4nKaevHlWN7DHpTdbfp6wEzWc%2BDMXh5DxELhjEAusVoANd8mebzfY0J30AjveG9PpU9YBB5Lt9fxtXcHDIQzHB%2BOaz%2BYp5lUIjDZXhwnSvHbkRJLhDy%2Br9aPxlYj49sJlVx7v%2Fj7HTdeiOoy38Wo8m%2BICpKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6fa61397283b8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
app.1f234b12.js
conversations.yappaapp.com/js/ Frame 0CA7 		352 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://conversations.yappaapp.com/js/app.1f234b12.js
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaea2958487176ec1524ecc1a04eda2977455e35c62836a29687a3c8cc842bb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 12:12:55 GMT
server
cloudflare
age
11381
etag
W/"61b88a47-57e69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtTUf5YCNBNvXzRCOOkH%2FDqGNohRVcy4OIBoxPd1hHj1DlDJoOBYmLE2S%2BZ23VVTOUtbDh%2FPmRkPPicQtevAOJGnmcNql%2FOGcA26hx%2Bo6haMyxBdNhM7vKSfFLFxJ5RywTdSc%2BEcpLJtlYi0XPZ2719CU7x%2FV4mEdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6fa61397683b8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
chunk-vendors.1e365abc.js
conversations.yappaapp.com/js/ Frame 0CA7 		712 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://conversations.yappaapp.com/js/chunk-vendors.1e365abc.js
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a572e976a54f59c0426d02f1bf23fb4b0b711132e1b7d377b8087aefc0230569

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 12:12:55 GMT
server
cloudflare
age
11381
etag
W/"61b88a47-b1f40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrXAfVttIGBAls%2F02WGby3sd%2FYCRaANcOxtEEWW62Qyx7l%2FHrfMgkxqewMCu7okZZYYBL1k8hMTb8RatTIdrktNeMGRtLWiTN%2BfvMWpbqbViwTg4gOn3MeckMhVI1T39tuxfjKSxg8XLvcvuQWpn2SkA64ng%2FzvKYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6fa61397b83b8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
ao
capi.connatix.com/tr/ Frame 3C9B 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ Frame 3C9B 		468 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
cde656a12f1ed0da35a8dd07f29c366ac443fc6f12239869036f0f776440d08d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
340
ps
capi.connatix.com/tr/ Frame 3C9B 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:35:55 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
1_th.jpg
img.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/1_th.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c9cb94b7e1647f7f23e5928a1d54d9f17be0931ef8545ad38e7476a97940da87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
age
496283
etag
"R8VBIZkmKU8df4TG4A6/Qyek6x4sJv4wz6x3bBeiHXM"
access-control-max-age
86400
fastly-io-info
ifsz=68340 idim=1872x1440 ifmt=jpeg ofsz=12625 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
12133
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3C9B 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126524
x-xss-protection
0
expires
Mon, 10 Jan 2022 15:35:56 GMT
doq.htm
rt3042.infolinks.com/action/ 		896 B
1020 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3042.infolinks.com/action/doq.htm?pcode=utf-8&r=16418289564151
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1777.009-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709a5591dae1de6c53336d06b7193199505efb7f8a07acc4b61f193427d7c84f

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
x-application-context
application:prod
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-language
de-DE
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
6cb6fa61e9b48b95-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
token
eua.instiengage.com/v1/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://auth.instiengage.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://auth.instiengage.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
token
eua.instiengage.com/v1/auth/ Frame 0257 		864 B
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
05ac06ee325f239671ee8a7c7915694f79fa1b4549e91a36d2247bbe91b2cd67

Request headers

Referer
https://auth.instiengage.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://auth.instiengage.com
date
Mon, 10 Jan 2022 15:35:56 GMT
access-control-allow-credentials
true
content-length
864
vary
Origin
content-type
application/json
generic
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/generic
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-91.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:56 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
generic
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/generic
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-91.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:56 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
/
trends.newsmaxwidget.com/api/delivery/ 		35 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/api/delivery/?is_blocked=undefined&w=167087&width=1600&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&icr_url=&va=0&user_uuid=undefined&time=1641828956457&up=pc&bn=chrome&bv=97&widget_width=300&style_id=0&idhub[id5id]=[object%20Object]&idhub[pubcid]=94ef7167-44e2-4f9b-a8f8-c7b1073b8734
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-91.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
15bd3b782c22b1f64a17915dfb1495cfb7eb35223b0496b1a0119d990722bb99
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
13628
s2s
eb.proper.io/ 		373 B
994 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s?proper_uid=524a21c7-7a2e-45fe-ab5f-2e2e1aa6dc54
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed15ed8e9eecce711a4a56a736c346cd82a73c520dbdf5f8060f46d735962353

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://crooksandliars.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:90
cf-ray
6cb6fa620ae60221-ZRH
expires
-1
ats.js
ats.rlcdn.com/ 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-88.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 10:24:28 GMT
content-encoding
gzip
age
18689
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
vary
Accept-Encoding
x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA60-P3
content-type
application/x-javascript
x-amz-cf-id
3BODSxAkktcvEGX-t7CD1TS69bhuL7GuCuKCfi6A48NNoXuC1kh7Ig==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Mon, 10 Jan 2022 15:14:38 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10430
x-request-id
998048927
css
fonts.googleapis.com/ Frame 49FB 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: embed.crooksandliars.com
URL: https://embed.crooksandliars.com/css/theme.css?1591398763000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 13:57:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:35:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:35:56 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3F4D 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:56:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E14E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:56:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3FD7 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:56:34 GMT
event
event.insticator.com/v1/ 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.181.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-181-133.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:56 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.181.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-181-133.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://crooksandliars.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.4027cff8c5dfbbf9b414b0df963e6b7d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEB) /
Resource Hash
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 21:34:11 GMT
Server
ECS (mil/6CEB)
Age
2747374
Etag
"8e55b85bd8d8e443c9a80691ed34d775+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2438
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5155643920455169&plah=crooksandliars.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1eb1b6e1e688ba61d00ccf66b2a294712a2020fea57ce41189e6d380b8574de2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54387
x-xss-protection
0
server
cafe
etag
899174416618973979
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Jan 2022 15:35:56 GMT
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame 5F3B 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
165649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 3C9B 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 10 Jan 2022 15:35:56 GMT
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame B0DE 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
165649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.494.0_en.html
imasdk.googleapis.com/js/core/ Frame EC1E 		598 KB
194 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
198941
date
Sat, 08 Jan 2022 17:35:07 GMT
expires
Sun, 08 Jan 2023 17:35:07 GMT
last-modified
Tue, 04 Jan 2022 16:08:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
165649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
de.tynt.com/deb/ Frame A4B5 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

cache-control
max-age=86400
expires
Tue, 11 Jan 2022 15:35:57 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 10 Jan 2022 15:35:56 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usermatch
ssum-sec.casalemedia.com/ Frame 6062
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fb6e95966333e927df9ab6e3286310ce0919429e299800fe10e21a564a1db022

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|13|5|218|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1726
Expires
Mon, 10 Jan 2022 15:35:56 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:56 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 10 Jan 2022 15:35:56 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:56 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 2789 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbm-usync
router.infolinks.com/dyn/ Frame D7C8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3DE684F5E9-3B0B-4B8B-B14B-8556B772469D
  • https://router.infolinks.com/dyn/pbm-usync?uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
6cb6fa693f6168fd-FRA
content-length
0
expires
Sun, 10 Jan 2021 15:35:57 GMT

Redirect headers

location
https://router.infolinks.com/dyn/pbm-usync?uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
date
Mon, 10 Jan 2022 15:35:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn-usync
router.infolinks.com/dyn/ Frame D7C8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=1899464560870372694
35 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=1899464560870372694
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6cb6fa65bd6a68fd-FRA
content-length
35
expires
Sun, 10 Jan 2021 15:35:57 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:56 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0896d88d-7931-4718-957c-19e9660adba1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=1899464560870372694
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
u.openx.net/w/1.0/ Frame D7C8 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
VR-usync
router.infolinks.com/dyn/ Frame D7C8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://router.infolinks.com/dyn/VR-usync?uid=y-XrJM4dFE2uHSnpP6VhPvkeyoc6u1ii50hlJFWjM-~A
35 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-XrJM4dFE2uHSnpP6VhPvkeyoc6u1ii50hlJFWjM-~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6cb6fa64ca5f68fd-FRA
content-length
35
expires
Sun, 10 Jan 2021 15:35:57 GMT

Redirect headers

location
https://router.infolinks.com/dyn/VR-usync?uid=y-XrJM4dFE2uHSnpP6VhPvkeyoc6u1ii50hlJFWjM-~A
date
Mon, 10 Jan 2022 15:35:56 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
r1-usync
router.infolinks.com/dyn/ Frame D7C8
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5008378458
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5008378458
  • https://sync.1rx.io/usersync/tradedesk/200dd76c-6183-49d6-9fb9-08410ca8a1c3
  • https://sync.targeting.unrulymedia.com/csync/RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
35 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6cb6fa6b4cff68fd-FRA
content-length
35
expires
Sun, 10 Jan 2021 15:35:58 GMT

Redirect headers

location
https://router.infolinks.com/dyn/r1-usync?uid=RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
date
Mon, 10 Jan 2022 15:35:57 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXe72ddd073f014cbe916ac61e06ab6cd8003
content-type
text/html
zmn-usync
router.infolinks.com/dyn/ Frame D7C8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=
35 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store
cf-ray
6cb6fa67dbd768fd-FRA
content-length
35

Redirect headers

Location
https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
70
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame D7C8 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:56 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame D7C8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fcrooksandliars.com%252F2022%252F01%252Fbannon-s-anti-vax-correspondent-blames-his&pid=12306&adnxs_uid=$UID
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pid=12306&adnxs_uid=1899464560870372694
95 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pid=12306&adnxs_uid=1899464560870372694
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Server
176.34.73.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-73-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 10 Jan 2022 15:35:57 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 10 Jan 2022 15:35:57 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:56 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
931af1cf-36ae-493a-b769-8ffc2e9608c7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pid=12306&adnxs_uid=1899464560870372694
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame D7C8 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:56 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
imd-usync
router.infolinks.com/dyn/ Frame D7C8
Redirect Chain
  • https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
  • https://router.infolinks.com/dyn/imd-usync?user_id=0b41250e-3f31-4fd1-926c-4fe9710ed238&partner_id=1531
35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/imd-usync?user_id=0b41250e-3f31-4fd1-926c-4fe9710ed238&partner_id=1531
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6cb6fa67ec2868fd-FRA
content-length
35
expires
Sun, 10 Jan 2021 15:35:57 GMT

Redirect headers

location
https://router.infolinks.com/dyn/imd-usync?user_id=0b41250e-3f31-4fd1-926c-4fe9710ed238&partner_id=1531
date
Mon, 10 Jan 2022 15:35:57 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
outh-usync
router.infolinks.com/dyn/ Frame D7C8
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP00faf6d4-722b-11ec-b92b-022355a5a232
  • https://router.infolinks.com/dyn/outh-usync?uid=y-HvlR7iBE2uHGN6hmPN2mZmQzm9eAPz9E~A~UP00faf6d4-722b-11ec-b92b-022355a5a232
35 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-HvlR7iBE2uHGN6hmPN2mZmQzm9eAPz9E~A~UP00faf6d4-722b-11ec-b92b-022355a5a232
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6cb6fa68eebb68fd-FRA
content-length
35
expires
Sun, 10 Jan 2021 15:35:57 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-HvlR7iBE2uHGN6hmPN2mZmQzm9eAPz9E~A~UP00faf6d4-722b-11ec-b92b-022355a5a232
date
Mon, 10 Jan 2022 15:35:57 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
match.bnmla.com/ Frame D7C8 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn-usync
router.infolinks.com/dyn/ Frame D7C8
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
  • https://router.infolinks.com/dyn/sovrn-usync?uid=30b961211246323ef130f0ec
35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=30b961211246323ef130f0ec
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6cb6fa680c8468fd-FRA
content-length
35
expires
Sun, 10 Jan 2021 15:35:57 GMT

Redirect headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=30b961211246323ef130f0ec
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
usersync
router.infolinks.com/dyn/ Frame D7C8
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTY4NEY1RTktM0IwQi00QjhCLUIxNEItODU1NkI3NzI0NjlE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DE684F5E9-3B0B-4B8B-B14B-8556B772469D
  • https://router.infolinks.com/dyn/usersync?pmuservalue=E684F5E9-3B0B-4B8B-B14B-8556B772469D
0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/usersync?pmuservalue=E684F5E9-3B0B-4B8B-B14B-8556B772469D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
cache-control
no-store
cf-ray
6cb6fa6b3cd368fd-FRA
content-length
0

Redirect headers

location
https://router.infolinks.com/dyn/usersync?pmuservalue=E684F5E9-3B0B-4B8B-B14B-8556B772469D
date
Mon, 10 Jan 2022 15:35:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
zeta-usync
router.infolinks.com/dyn/ Frame D7C8
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=2019934808504257040
35 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=2019934808504257040
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6cb6fa6a29fa68fd-FRA
content-length
35
expires
Sun, 10 Jan 2021 15:35:57 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=2019934808504257040
Date
Mon, 10 Jan 2022 15:35:57 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
ssc-cms.33across.com/ps/ Frame D7C8 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-33x-status
2000208
date
Mon, 10 Jan 2022 15:35:56 GMT
server
33XP002
iq-usync
router.infolinks.com/dyn/ Frame D7C8 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/usync/manage?pid=3325427&wsid=0&pdom=crooksandliars.com&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6cb6fa66a83f68fd-FRA
content-length
0
init1.js
api.bounceexchange.com/bounce/ 		156 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_59172a559156a275174986debedb08b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
8a09ac31a67065c84917aa611d21c8258a2140b9f759d21ca0fae38af7b5c287

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
last-modified
Mon, 10 Jan 2022 15:35:56 GMT
server
istio-envoy
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
22
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
playlist.m3u8
vid.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/ Frame 3C9B 		308 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/playlist.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3c111bf8421ba681e6a4ea5e498d459d1f37e89544af26734f1cca85cc30ff06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 18:17:02 GMT
age
495632
etag
"e37efd31a42fbfa275c8613fe5159aba"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
164
pixel.gif
dh014lg6uwepv.cloudfront.net/ 		35 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1641828956762&site_uuid=bf354797-2feb-4d2a-ad39-b31b027bc5f3&hostname=crooksandliars.com&ad_unit=crooksandliars.com_Web_300x250_3&impression_type=undefined&device=desktop&country_code=DE
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:3400:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
RefreshHit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
Z1E2ZSY09tJtUieQOU4FfkXDzXAJ6eeG4smD7ooWdltMOVrGQTR0SA==
pixel.gif
dh014lg6uwepv.cloudfront.net/ 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1641828956764&site_uuid=bf354797-2feb-4d2a-ad39-b31b027bc5f3&hostname=crooksandliars.com&ad_unit=crooksandliars.com_Web_300x250_4&impression_type=undefined&device=desktop&country_code=DE
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:3400:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
LsEgA0emcHbUrRDi4vhi9vdTPLHGRSwtrslatKLoE88osazRrdfafg==
pixel.gif
dh014lg6uwepv.cloudfront.net/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1641828956766&site_uuid=bf354797-2feb-4d2a-ad39-b31b027bc5f3&hostname=crooksandliars.com&ad_unit=crooksandliars.com_Web_300x250_cmt_1&impression_type=undefined&device=desktop&country_code=DE
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:3400:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
r2bJ6dzEr_Z893KHhtWQFM4JCNyzien8ZkfJ4BH3MIdELhohOL25xQ==
pixel.gif
dh014lg6uwepv.cloudfront.net/ 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1641828956768&site_uuid=bf354797-2feb-4d2a-ad39-b31b027bc5f3&hostname=crooksandliars.com&ad_unit=crooksandliars.com_Web_300x250_cmt_2&impression_type=undefined&device=desktop&country_code=DE
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:3400:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
KbIvht2frwKov90Lv0Jo2q7xr5uTtnHcOePbAAS6qohNrw88UiwU-Q==
pixel.gif
dh014lg6uwepv.cloudfront.net/ 		35 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1641828956770&site_uuid=bf354797-2feb-4d2a-ad39-b31b027bc5f3&hostname=crooksandliars.com&ad_unit=crooksandliars.com_Web_300x250_cmt_3&impression_type=undefined&device=desktop&country_code=DE
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:3400:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
ZkZfuT4ZyE3Oi2yCn3kVquw_AEBoYLj_SmHDNKYVCPeRuZXNapwMcA==
pixel.gif
dh014lg6uwepv.cloudfront.net/ 		35 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1641828956772&site_uuid=bf354797-2feb-4d2a-ad39-b31b027bc5f3&hostname=crooksandliars.com&ad_unit=crooksandliars.com_Web_300x250_cmt_4&impression_type=undefined&device=desktop&country_code=DE
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:3400:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
tlmlj8eXJYmX6_-3ZKlyLwKG5aaZSNV1OG4YzMtTf4zrLaUkN_k5Tg==
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2410621596312829&correlator=1482206590855689&output=ldjh&impl=fifs&eid=31063378%2C31063975%2C31063256%2C31063918&vrg=2022010402&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=27794161%2Ccrooksandliars.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C320x50%7C250x250%7C300x250%7C336x280&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26ics%3D320x100%26iba%3D00001%26iaid%3D1406e7675ea78a0e%26ib%3DindexExchange%26p%3DBTF%26at%3D1%26hostname%3Dcrooksandliars.com%26consent%3D0%26Exclude_Adx%3DN%26it%3Dil&eri=1&cookie=ID%3D3e7e576597cad971-22ee45191acd00bc%3AT%3D1641828955%3ART%3D1641828955%3AS%3DALNI_MZEL4o_273NeNMaJ7CTsFfwUaxsZg&bc=31&abxe=1&lmt=1641828954&dt=1641828956801&dlt=1641828954568&idt=1618&frm=20&biw=1600&bih=1200&oid=2&adxs=245&adys=4254&adks=1077819132&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&vis=1&dmc=8&scr_x=0&scr_y=0&psz=765x600&msz=336x-1&ga_vid=228879631.1641828955&ga_sid=1641828955&ga_hid=671282525&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
b893356e07a4c625453e4896b24f86d2144c9a7228221fc138719049e039dd60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8380
x-xss-protection
0
google-lineitem-id
5262196733
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138299530112
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2410621596312829&correlator=208254192350875&output=ldjh&impl=fifs&eid=31063378%2C31063975%2C31063256%2C31063918&vrg=2022010402&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=27794161%2Ccrooksandliars.com_Web_300x250_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C320x50%7C250x250%7C300x250%7C336x280&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26iba%3D0%26iaid%3Dnofill%26ib%3Dnofill%26p%3DBTF%26at%3D1%26hostname%3Dcrooksandliars.com%26consent%3D0%26Exclude_Adx%3DN%26it%3Dil&eri=1&cookie=ID%3D3e7e576597cad971-22ee45191acd00bc%3AT%3D1641828955%3ART%3D1641828955%3AS%3DALNI_MZEL4o_273NeNMaJ7CTsFfwUaxsZg&bc=31&abxe=1&lmt=1641828954&dt=1641828956807&dlt=1641828954568&idt=1618&frm=20&biw=1600&bih=1200&oid=2&adxs=245&adys=4554&adks=513601625&ucis=2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&vis=1&dmc=8&scr_x=0&scr_y=0&psz=765x600&msz=336x-1&ga_vid=228879631.1641828955&ga_sid=1641828955&ga_hid=671282525&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
cdccc07af4d0fea744c71669667210b49c44079fbe8c14ff7270bede83c83bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
209918
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11427
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
321593
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		443 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2410621596312829&correlator=2445080232019740&output=ldjh&impl=fifs&eid=31063378%2C31063975%2C31063256%2C31063918&vrg=2022010402&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=27794161%2Ccrooksandliars.com_Web_300x250_cmt_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C320x50%7C250x250%7C300x250%7C336x280&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26iba%3D0%26iaid%3Dnofill%26ib%3Dnofill%26p%3DBTF%26at%3D1%26hostname%3Dcrooksandliars.com%26consent%3D0%26Exclude_Adx%3DN%26it%3Dil&eri=1&cookie=ID%3D3e7e576597cad971-22ee45191acd00bc%3AT%3D1641828955%3ART%3D1641828955%3AS%3DALNI_MZEL4o_273NeNMaJ7CTsFfwUaxsZg&bc=31&abxe=1&lmt=1641828954&dt=1641828956810&dlt=1641828954568&idt=1618&frm=20&biw=1600&bih=1200&oid=2&adxs=245&adys=7418&adks=2223117260&ucis=3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&vis=1&dmc=8&scr_x=0&scr_y=0&psz=765x600&msz=336x-1&ga_vid=228879631.1641828955&ga_sid=1641828955&ga_hid=671282525&ga_fc=true&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
386f30efa7e5c8d3016432f273329e7a95ec708a3603245cb5b0404c876bbb4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
242
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2410621596312829&correlator=3795852013193628&output=ldjh&impl=fifs&eid=31063378%2C31063975%2C31063256%2C31063918&vrg=2022010402&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=27794161%2Ccrooksandliars.com_Web_300x250_cmt_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C320x50%7C250x250%7C300x250%7C336x280&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26ics%3D320x100%26iba%3D00001%26iaid%3D139ce513965cfda1%26ib%3DindexExchange%26p%3DBTF%26at%3D1%26hostname%3Dcrooksandliars.com%26consent%3D0%26Exclude_Adx%3DN%26it%3Dil&eri=1&cookie=ID%3D3e7e576597cad971-22ee45191acd00bc%3AT%3D1641828955%3ART%3D1641828955%3AS%3DALNI_MZEL4o_273NeNMaJ7CTsFfwUaxsZg&bc=31&abxe=1&lmt=1641828954&dt=1641828956815&dlt=1641828954568&idt=1618&frm=20&biw=1600&bih=1200&oid=2&adxs=245&adys=7718&adks=2841650447&ucis=4&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&vis=1&dmc=8&scr_x=0&scr_y=0&psz=765x600&msz=336x-1&ga_vid=228879631.1641828955&ga_sid=1641828955&ga_hid=671282525&ga_fc=true&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
706d83ce071408e15bed000798a035a355cad0ca200f014a8c0e1c93ca4e7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8404
x-xss-protection
0
google-lineitem-id
5262196733
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138299530115
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		436 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2410621596312829&correlator=4380668880971868&output=ldjh&impl=fifs&eid=31063378%2C31063975%2C31063256%2C31063918&vrg=2022010402&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=27794161%2Ccrooksandliars.com_Web_300x250_cmt_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C320x50%7C250x250%7C300x250%7C336x280&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26iba%3D0%26iaid%3Dnofill%26ib%3Dnofill%26p%3DBTF%26at%3D1%26hostname%3Dcrooksandliars.com%26consent%3D0%26Exclude_Adx%3DN%26it%3Dil&eri=1&cookie=ID%3D3e7e576597cad971-22ee45191acd00bc%3AT%3D1641828955%3ART%3D1641828955%3AS%3DALNI_MZEL4o_273NeNMaJ7CTsFfwUaxsZg&bc=31&abxe=1&lmt=1641828954&dt=1641828956817&dlt=1641828954568&idt=1618&frm=20&biw=1600&bih=1200&oid=2&adxs=245&adys=8018&adks=3769340010&ucis=5&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&vis=1&dmc=8&scr_x=0&scr_y=0&psz=765x600&msz=336x-1&ga_vid=228879631.1641828955&ga_sid=1641828955&ga_hid=671282525&ga_fc=true&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
2423d7f14862fe955684a6b0c9e549f412936be33e5b53ab92cc919ef8e03888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		436 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2410621596312829&correlator=2381310613219453&output=ldjh&impl=fifs&eid=31063378%2C31063975%2C31063256%2C31063918&vrg=2022010402&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=27794161%2Ccrooksandliars.com_Web_300x250_cmt_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C320x50%7C250x250%7C300x250%7C336x280&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26iba%3D0%26iaid%3Dnofill%26ib%3Dnofill%26p%3DBTF%26at%3D1%26hostname%3Dcrooksandliars.com%26consent%3D0%26Exclude_Adx%3DN%26it%3Dil&eri=1&cookie=ID%3D3e7e576597cad971-22ee45191acd00bc%3AT%3D1641828955%3ART%3D1641828955%3AS%3DALNI_MZEL4o_273NeNMaJ7CTsFfwUaxsZg&bc=31&abxe=1&lmt=1641828954&dt=1641828956820&dlt=1641828954568&idt=1618&frm=20&biw=1600&bih=1200&oid=2&adxs=245&adys=8318&adks=1953366762&ucis=6&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&vis=1&dmc=8&scr_x=0&scr_y=0&psz=765x600&msz=336x-1&ga_vid=228879631.1641828955&ga_sid=1641828955&ga_hid=671282525&ga_fc=true&fws=0&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
67904ff0c4ac70c6c6d20f4b91a1047b396a0b5683c6f6550c6706a08a344178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F204 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 10 Jan 2022 15:35:56 GMT
expires
Tue, 10 Jan 2023 15:35:56 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
in_search.js
resources.infolinks.com/js/1777.009-3.025/ 		123 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1777.009-3.025/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1777.009-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6cb6fa64aa3468fd-FRA
date
Mon, 10 Jan 2022 15:35:56 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 05 Jan 2022 13:50:02 GMT
server
cloudflare
age
4262
etag
W/"1eb61-5d4d607ca5a45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 09 Feb 2022 14:24:54 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1777.009-3.025/ice.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126524
x-xss-protection
0
expires
Mon, 10 Jan 2022 15:35:56 GMT
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:33:09 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d967.cloudfront.net (CloudFront), 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
age
3768
x-amzn-requestid
ff967530-cd17-4ac7-a767-1440e1393c54
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61dc43a5-7d4594a302a9635e0238f966;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA60-P3
x-amz-apigw-id
Lu-B8EbbjoEFW5w=
content-length
30
x-amz-cf-id
MCSsQruGxZGJS-aUb3YtIyC3Yk5i0C85EulhXcJm2QeoghZAHH76Tg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
vendor.js
embed.crooksandliars.com/js/ Frame 49FB 		559 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.crooksandliars.com/js/vendor.js?1591398766000
Requested by
Host: embed.crooksandliars.com
URL: https://embed.crooksandliars.com/embed/dZAeyHMz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.238.37.138 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
dean.crooksandliars.com
Software
nginx / Express
Resource Hash
39ae94009ec5715f2eb0d4f092bd2d6280554ae486d05fde9c878ba9cdf1d634

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.crooksandliars.com/embed/dZAeyHMz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
etag
W/"8bb3d-17286c215b0"
last-modified
Fri, 05 Jun 2020 23:12:46 GMT
server
nginx
x-powered-by
Express
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
player.js
embed.crooksandliars.com/js/ Frame 49FB 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.crooksandliars.com/js/player.js?1591398763000
Requested by
Host: embed.crooksandliars.com
URL: https://embed.crooksandliars.com/embed/dZAeyHMz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.238.37.138 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
dean.crooksandliars.com
Software
nginx / Express
Resource Hash
97c4049e4693d80234ca02c53b4dd15ce3c5f9239ca2cee32909a6a02f2e9511

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.crooksandliars.com/embed/dZAeyHMz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
etag
W/"1a46a-17286c209f8"
last-modified
Fri, 05 Jun 2020 23:12:43 GMT
server
nginx
x-powered-by
Express
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
js
www.googletagmanager.com/gtag/ Frame 0CA7 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-65028971-4
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/js/chunk-vendors.1e365abc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67a2326a52adf037c12e7c296101fcd3361463ae815e6603e674bb055f097142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36312
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jan 2022 15:35:57 GMT
dark-theme.css
conversations.yappaapp.com/themes/ Frame 0CA7 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://conversations.yappaapp.com/themes/dark-theme.css
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/js/app.1f234b12.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892481627b04c76730adbc4f35801fb327d86237ae6237c037dd4b6504ad1834

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 12:12:57 GMT
server
cloudflare
age
4170
etag
W/"61b88a49-6ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muOQKOWWYnKVz1LCsXX6fiE384Y%2F6PkVN%2FmRqyLrX1iOlkjN4cRoevpYCNrgzJ0z%2Bt13ARk6hdjsZ%2B5wdffA6kWkavQnjj%2FZ6eVh55F4RtAr6v7oh5yk6ouG8yfcWVbIypIyjp9FtdH1E9TjJHzjIRevJM%2BxsU%2BVHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6fa65af0e83b8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
yappa-isologo.e276ca2e.svg
conversations.yappaapp.com/img/ Frame 0CA7 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://conversations.yappaapp.com/img/yappa-isologo.e276ca2e.svg
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5158a4f31c9c535fc4f6ff4b35387850fa211dd6e7fb84ca52cec739a82c1bff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 12:12:55 GMT
server
cloudflare
age
11381
etag
W/"61b88a47-11dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWOs2vkVkTgKlwU5WVaxi2p4bJ%2BKlbleSJhNb4rBMka7CNnbJ%2Bo1t%2B03Z38PHiyguPpBSHzWrBsjRbjBsKYiLM7c7LEwIc3UQl%2FNTLtM3c48%2FyQDNjaVzPtvgHsy5wIIMBLezR7Mwy%2BExTlRClzPr3%2F%2BIYjqClLlYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6fa65af1583b8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
yappa-logo.8615df0e.svg
conversations.yappaapp.com/img/ Frame 0CA7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://conversations.yappaapp.com/img/yappa-logo.8615df0e.svg
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45487612f3817d95cfcd0d0555734168dedf00e8e1832cfb39ea327ec23cf3c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Dec 2021 12:12:55 GMT
server
cloudflare
age
11381
etag
W/"61b88a47-540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0SyQ5ZEfSx6vTlfHtUqmk3H8ntHZuLY7BSnuCR21XI1eIhlvyKNrsyPBX6ZoiQVBJ%2B0%2BYMQnikOSulqVlq2ueXvoofOBS24fUnUrEpqmnncB9LD56xSBsSZ45GhtJ6QyxWj9Vk2IGPfbJvfrKY4j6XeJdVrgYebOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6cb6fa65af1a83b8-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
metadata
comments.yappaapp.com/urls/ Frame 0CA7 		325 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://comments.yappaapp.com/urls/metadata?url=https:%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&contentId=&widgetType=undefined
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/js/chunk-vendors.1e365abc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cd993faa79e79ae073b231ca8a74d29c0dc6dda364047771c795ac2c50cd7e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDh1ksSmFB2eo1pQReN0%2F2iHpHPNxHw63GCITdKd8rjGXxeBU3FJzSkHWjr9duWfMRktySAfCGwp9sf13Auw2hi5IlR82wNMLSUU3toAMKYYsWGylesezgdZN93FXzBCM6qKOe4D2AOXZRwZ9U5oxLcfhgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-yappa-jwt, content-disposition
cf-ray
6cb6fa662826047e-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
136519
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 55E1 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:56:34 GMT
0.m3u8
vid.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/ Frame 3C9B 		435 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/0.m3u8
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e500e478c9c3073f1d08c18e6d2aa0737ea56fe5d149e0d643107aaf1c43c4da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 18:17:02 GMT
age
398540
etag
"4151ab974aa458037982ca3041694b56"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
231
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B0E9 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:56:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame ADF4 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:56:34 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		61 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2410621596312829&correlator=1359358010970731&output=ldjh&impl=fifs&eid=31063378%2C31063975%2C31063256%2C31063918&vrg=2022010402&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20220110&iu_parts=5376056%3A1010624%2Ccrooksandliars_leaderboard%2Ccrooksandliars_side_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1x1%7C728x90%7C970x250%7C970x90%2C1x1%7C160x600%7C300x250%7C300x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D7787%26proper_site%3Dcrooksandliars%26proper_slot%3D1%26tags%3Dunknown_desktop%252Cunknown%26proper_floor_970x90%3D2.50%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D7787%26proper_site%3Dcrooksandliars%26proper_slot%3D3%26tags%3Dunknown_desktop%252Cunknown%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cookie=ID%3D3e7e576597cad971-22ee45191acd00bc%3AT%3D1641828955%3ART%3D1641828955%3AS%3DALNI_MZEL4o_273NeNMaJ7CTsFfwUaxsZg&bc=31&abxe=1&lmt=1641828954&dt=1641828957093&dlt=1641828954568&idt=1618&frm=20&biw=1600&bih=1200&oid=2&adxs=800%2C1055&adys=15%2C828&adks=3278398655%2C3583374100&ucis=7%7C8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x300%7C300x0&msz=1600x0%7C300x0&ga_vid=228879631.1641828955&ga_sid=1641828955&ga_hid=671282525&ga_fc=true&fws=4%2C0&ohw=1600%2C0&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010402.js?31063975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
35bcb837f43ab5006496b8bb433ea8ee78f08ff7da0ccb92b146c6b8d2485e2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18766
x-xss-protection
0
google-lineitem-id
5836876057,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138371557808,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geo.privacymanager.io/ Frame 6A5A 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:33:09 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d967.cloudfront.net (CloudFront), 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
age
3768
x-amzn-requestid
ff967530-cd17-4ac7-a767-1440e1393c54
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61dc43a5-7d4594a302a9635e0238f966;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA60-P3
x-amz-apigw-id
Lu-B8EbbjoEFW5w=
content-length
30
x-amz-cf-id
BTwQjjiG9vbG1Rp6QkjQykLzVuJmcON_uelXPF_XCj2lEyc0-mXJag==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201060907/ Frame 6A5A 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201060907/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34c32eeae87ec0ddd2efd4762a8fc9c0aeca9cade89f466923ad23ff8bb849a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Content-Encoding
gzip
Age
268
X-Cache
HIT
Connection
keep-alive
Content-Length
60869
x-amz-id-2
R71lTCt+DSML/xJAXu47jNOzBTg2Zmm1tpInDQCF4zz+sLczsDLCyhcTlEyhWagYnXCtLEoTDXc=
X-Served-By
cache-hhn4059-HHN
Last-Modified
Thu, 06 Jan 2022 14:12:48 GMT
Server
AmazonS3
X-Timer
S1641828957.117356,VS0,VE0
ETag
"1182e09311a5320d3c428f2adc809ed0"
x-amz-request-id
ABE4VM94QHNTAVG0
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
516
impression
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/impression
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-91.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:57 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b2612c718234da702ea006e4927c721f4eb073a6c82d1e59906d0f49d748f3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
last-modified
Thu, 06 Jan 2022 16:22:30 GMT
server
AmazonS3
x-amz-request-id
MYCJQJ035C2V2FED
etag
"6ab70188c911ccb4b1fe423eb434fb14"
x-hw
1641828957.cds138.fr8.hn,1641828957.cds154.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
7714
x-amz-id-2
doRDAP3ves5SXaCKZU/2UVNtqgCQj1gQjwlx12Dvf+yrV8dIT6gv7tW4W+CNtlldxHsv3Kcfdg4=
defaultWidget.delivery.js
assets.revcontent.com/master/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0651dec239d8752440324a6dda9339c03fa68eda296ab9acf2d065eec3f4c3df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
last-modified
Thu, 06 Jan 2022 16:22:26 GMT
server
AmazonS3
x-amz-request-id
MYCJYRQ0J76AR7A8
etag
"73d6e97513a832603ea5f639bfde364a"
x-hw
1641828957.cds138.fr8.hn,1641828957.cds280.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
6278
x-amz-id-2
YvAUtBwvCmMpEm7wHSV19aw+v1NGA9aiaTxLdAvSxwYlnkF3l9CS5wFiZqJYA2Poa3m3Wba9a9E=
integrator.js
adservice.google.com/adsid/ Frame 3C9B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame BF17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUMWFFn3CeuUY7HL-Kf7EshQUGnBMPJpXKf4Bob94EEFg2WTknW8C3lwdukz7TwHJwnP6bT605Uyc5rV5NTiPX2SX9UJsP-KE0Xwb69E9CDV1lNOiJLoKIMmDxubOHwk-9CXxQqslJW9fgYKF8VAoFb4G3xFLHeS1Zz96b6oigUcP4VR6c6-A4yviiV41y5KPBJtsZPwvkPpAWt7bxefZt74-aMzKq11H9xev8t8RWbtWrMEQxqcqjz_p3uv7lX4qTFCqKNuPzwCzd8w_TXeOr6nBw8WKqFiYKkCHnxGNA-e_cmHBjFj7NuAan_aXt0RLLeFGcio5_Dk1ls40ZHhac8g&sig=Cg0ArKJSzIb95FnCL06VEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
track.adform.net/adfscript/ Frame BF17 		1008 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=46688788;rtbwp=YdxSXAAAAAAIIElMYxlwdP5bz4GeEjF0GsMWKA;rtbdata=bN-gJ_rN8wXYmLEfnT1L8jWldT_tslZIiIR98NwVlXShlV4_GhkZWpZ29P050fuYZqtlexx74EyQ46P3k7ixSONHU44RzfCSUKuczeshBQP9T_9bqROc39v9jrP0a79h0RunnUg298tDBOM6P-o_lghUKotLelcbR8lcYmtqEI0qHMckcoZdiIBE0K4F8zM66PJdBbokhs1XurCCTKxqyzKahT1VEHmsgqkTyjm8WxErZmEv5Q4g_SmJ_IU6mQ8yZbviwnvRADMnYfX9AcMSX6uJiUApLKFLomN1-c6UvUo1
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9bccc8819bd7821140ca478a8e4b97c8d3690a7aa9cdf3c42f7a750045589421
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
875
expires
-1
v1
a5264.casalemedia.com/impression/ Frame BF17 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5264.casalemedia.com/impression/v1?bidID=62104380-8626-42a5-9d0d-0b389911988c&traceID=c7e54mo9r2nq246vk350&dspID=111&userID=&cmpro=0&ap=0.01
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.61.205 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:57 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
43
Expires
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF17 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:35:57 GMT
pixel
protected-by.clarium.io/ Frame BF17 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L2l4OjMyMHgxMDA=&v=5&s=v31fp2a3f30&id=eyJwcmViaWQiOnsiYWRJZCI6IjE0MDZlNzY3NWVhNzhhMGUiLCJjcG0iOjAuMDEsInMiOiJkaXYtaW5zdGljYXRvci1hZC0zIiwic3JjIjoiY2xpZW50In0sInRwX2NyaWQiOiJQQjppeDsyNzczNzcxNiIsImFkb21haW4iOiJtcnZlZ2FzLmNvbSJ9&sb=undefined&cb=4669069&h=crooksandliars.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEwybDRPak15TUhneE1EQT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJpeCJdLCJoYl9zaXplIjpbIjMyMHgxMDAiXX19LCJ3ciI6MH0=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.247.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-247-85.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:57 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/ Frame F7FC 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5155643920455169&plah=crooksandliars.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 09 Jan 2022 16:15:14 GMT
expires
Sun, 23 Jan 2022 16:15:14 GMT
content-type
text/html; charset=UTF-8
etag
2196020943555189384
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4873
x-xss-protection
0
age
84043
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/ Frame 2EE3 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5155643920455169&plah=crooksandliars.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 09 Jan 2022 16:15:14 GMT
expires
Sun, 23 Jan 2022 16:15:14 GMT
content-type
text/html; charset=UTF-8
etag
2196020943555189384
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4873
x-xss-protection
0
age
84043
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0.mp4
vid.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/ Frame 3C9B 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
388d2f5e626dec1988b5e8492f6856d16228570edd27f36ecf39e70da96da95a

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-1322

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
last-modified
Wed, 29 Dec 2021 18:17:02 GMT
age
495624
etag
"2828f2657694573cc80bf9d772e8d17d"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1322/3045194
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1323
view
securepubads.g.doubleclick.net/pcs/ Frame 6776 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXH4aoLLRe7HW_M2w73V7aUWCGxcnB-PoeDr4_Pd9F7EYl6gmVVA5EBnjlrxzSBDMECPVmO8avOqbB0yvfPdmDeCBSQo9_FzX50GOVVHgRlFxgquktKzcR4G23nQG_Vx3QdaC8dAOkQYHDZPW8cJL4uPbCGbpCRnBTgfgBgCUe0taeEkuKQi6x2Uijc15YZA_23WryROqTn7Z9WoJCqtP3kxnaWk6xsCYWPp_HofWRxOmO9_m97Q9Hqcjrgjl1NIPl4KdGebWZqik0-FKS8WuBwkB77iq3uuDYPDfWnF4XH7ks-msvUq3GV3jAuxqdj1vAPcBq6E__rucqMjB2FQ8SW_QTOSQ&sig=Cg0ArKJSzLh-G_A8sKzGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
track.adform.net/adfscript/ Frame 6776 		1003 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=36796705;rtbwp=YdxSXAAAAAB_hxGm11uAtxhSpYKRmQPT8k33Gw;rtbdata=-tyE_VEosu5KoaypkrgWT5xba6JP2eZvzludDmwMoZAYzXsebAu70xBS9tOuhzZ1Zqtlexx74EyQ46P3k7ixSONHU44RzfCSUKuczeshBQP9T_9bqROc39v9jrP0a79h0RunnUg298tDBOM6P-o_lghUKotLelcbR8lcYmtqEI0qHMckcoZdiKmS-MwLyzEI6PJdBbokhs1XurCCTKxqy21H07YFavlfxppwppddD8mHfuzNXtEdZSmJ_IU6mQ8yZbviwnvRADMnYfX9AcMSX6uJiUApLKFLvvk7P4m62a81
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e8ae68a17c57a751288a12f79c49da833531c5a8bf7764b0f8c30a2897e1af10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
864
expires
-1
v1
a5264.casalemedia.com/impression/ Frame 6776 		43 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5264.casalemedia.com/impression/v1?bidID=c692ead3-5168-478e-9d82-5ab7be01b9e3&traceID=c7e54mo9r2nq246vk350&dspID=111&userID=&cmpro=0&ap=0.01
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.61.205 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:57 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=99
Content-Length
43
Expires
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6776 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:35:57 GMT
pixel
protected-by.clarium.io/ Frame 6776 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L2l4OjMyMHgxMDA=&v=5&s=v31fp2a3f67&id=eyJwcmViaWQiOnsiYWRJZCI6IjEzOWNlNTEzOTY1Y2ZkYTEiLCJjcG0iOjAuMDEsInMiOiJkaXYtaW5zdGljYXRvci1hZC1jbXQtMiIsInNyYyI6ImNsaWVudCJ9LCJ0cF9jcmlkIjoiUEI6aXg7MjEwMDMwMjQiLCJhZG9tYWluIjoidmlkZW9zbG90cy5jb20ifQ%3D%3D&sb=undefined&cb=4584634&h=crooksandliars.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEwybDRPak15TUhneE1EQT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJpeCJdLCJoYl9zaXplIjpbIjMyMHgxMDAiXX19LCJ3ciI6MH0=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.247.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-247-85.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:57 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Tweet.html
platform.twitter.com/embed/ Frame D222 		487 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CED) /
Resource Hash
97437ddda31de1d9582d9959a3eac685b57e88c061945e8b61624656cff97a25

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
42
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Mon, 10 Jan 2022 15:35:57 GMT
Etag
"d2ae6062fdb589003afca58b94948bda"
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CED)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
Tweet.html
platform.twitter.com/embed/ Frame AFD7 		487 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CED) /
Resource Hash
97437ddda31de1d9582d9959a3eac685b57e88c061945e8b61624656cff97a25

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
42
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Mon, 10 Jan 2022 15:35:57 GMT
Etag
"d2ae6062fdb589003afca58b94948bda"
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CED)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
Tweet.html
platform.twitter.com/embed/ Frame A41E 		487 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CED) /
Resource Hash
97437ddda31de1d9582d9959a3eac685b57e88c061945e8b61624656cff97a25

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
42
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Mon, 10 Jan 2022 15:35:57 GMT
Etag
"d2ae6062fdb589003afca58b94948bda"
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CED)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
analytics.js
www.google-analytics.com/ Frame 49FB 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2640119-6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2091
date
Mon, 10 Jan 2022 15:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 10 Jan 2022 17:01:06 GMT
container.html
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F209 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201060907/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 10 Jan 2022 15:35:56 GMT
expires
Tue, 10 Jan 2023 15:35:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 57C0 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_59172a559156a275174986debedb08b4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=59801
expires
Tue, 11 Jan 2022 08:12:38 GMT
date
Mon, 10 Jan 2022 15:35:57 GMT
vary
Accept-Encoding
creatives-base-styles.d63dbc50.min.css
assets.bounceexchange.com/tag/css/ 		37 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.d63dbc50.min.css
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_59172a559156a275174986debedb08b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ad1e6142ee4942d81f5db672be8ecbe0a3252751e92ee31d1167426fcb3b3f9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:20:13 GMT
age
2106944
x-guploader-uploadid
ADPycdugt7ppSJcCXnOyx7YmH2Xh1OzefhmDZVG0b0nP1BFPiKZWvDEg2F-AsuYE4QQkFQc_nfTtLsuWAzYGbsxXk08
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37591
last-modified
Thu, 29 Apr 2021 19:42:40 GMT
server
UploadServer
etag
"b79200767ce874ab5c16c317f730a7c6"
x-goog-hash
crc32c=dfY1Tg==, md5=t5IAdnzodKtcFsMX9zCnxg==
x-goog-generation
1619725360267850
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
37591
accept-ranges
bytes
content-type
text/css
expires
Sat, 17 Dec 2022 06:20:13 GMT
visit
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLoATjcZdVU86kYXSTYAZRQAMxQkECd6V3dVADJQCBgkBFrkXqQcTvAoaAo+HjRTdARYJFIcNMhIU2FqFuMaejptunjMggiwFD5whrBGeOy92h1qalvmSo26G1PMAkwAWjBv08gIG+wBQum+1yQvTApi+vCwkG+NgoOT+aXAI260ChBFIsEBX10OEkqmYzAxY2xuPxmAAnkSdGSumN4vBINkQY0UEiEGAcJQXEoXAARckwa5HEAIPkCmjUWrASCy+TGYnqSQADmo6ry9E81FCD1AvCVchVGg1Wp1qhccjykkkeRCspQBBNxlY+tlpFMbtly1W602t1uBwIRxOZxAFyuN1ed2YDyeLx2tHemE+Pz+AKBILBEKhML48MRyJ53zR60enoeKEryo9BuowFMwDdL0bxsTptlnarjaQvsTQ8b8QVbfNmu1uqdDwgveV33bsrQBzdJRn1CybobPZA8+7D2t1A0eXUckkLh2kmokha6+HXrHXbNasnVo38RQWRmIDQmDr3Yyg80gXiU6q+kBTats+O4PKQT6PKaqoWlOnjChu0hyMe6guBB2hQduG7wYqz7IW+07odWN7MFhJ54bKwDQYh7pEQhypkZaFFChhNHHvQLzMfy+GMYRVHEeOr6cWh3GUY2THKkJ-IySK8DILM2DQDYmRCMgODpJkOTtKpqAYBpwDIBAXw4AULCMMUpTlJIRmICZ8LQBYKCQLUBBIFkOAqPwQhSGSxnqTAcKgPECCQDSphSnCYARGypjtCyYBsjkSDQGktbXJg5lIJACC8DgZIYAQ0DXLA2BIDS1xwjgQoAKLtOVlUENVkC1fVCByI1TUAKqtQgFVVTVNKYF+UpxL5pw0sNFW9GgIBWcw9ALZVUB0rQqCYBEtTzCRzDGFuOh4CgPAbTC6UoKQPU4CStEbXlgKYPC92DRtS0remU04D4PKIJg7RZAQDVkgItjdAge44B4zyirDHGoTadoOu0EUgFFsNHieZ4XleN53nk7QzBgoAIAISPtIgACOsBYNjJVkvE4TwoCKKQF+phEhOnGXvQLNs9gKCmCABWWZgOBc2gcgYwgkXxTTHVIFFOCQzY7RhTgxlAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NAxqgPbMDWhIAdgCbowhUhAHQNmAW3pUADFSr1pARnoAjbl2ZcAtIS3dcMLVBAAPLWNSoIhYJp4QuuLSvQhx1rdhiEAZKEiwCIgMyIS4EsaoAi7WmMQA7ABCCQAifuDQcEhi7HCEMABeEJgALIoAHOkBWYjcDNjMqIgAZszIvIiK0qRUAGwl8ZjSVZlBdQ1Nre08nd19JQCcmIojgUjjjS1tHV09vQCsiss+4sz2Qz7wECr5uBAwPJikvUo+sLcPy-0VVOUL+714qQFopFAsfPZYAx7o9AfMFiVSIp4vsqIo0ftnuD-KN4J8VoQIABHZAOaH4nwMfgOfAwdxhNzAL5lcq-f4o1GU6mOEDAGBQCBCGCaTC4cCkCGZaGYHg+QhtVDSq4qHwZRyYUKCoA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
ssp.behave.com/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://ums.acuityplatform.com/bum?tpid=29&uid=d0773446-703e-4748-9935-7778e55be987&bidswitch_ssp_id=bouncex
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=&expires=30&user_group=1&ssp=bouncex
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=d0773446-703e-4748-9935-7778e55be987
43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.behave.com/sync?tp_id=2&tp_uid=d0773446-703e-4748-9935-7778e55be987
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//ssp.behave.com/sync?tp_id=2&tp_uid=d0773446-703e-4748-9935-7778e55be987
Date
Mon, 10 Jan 2022 15:36:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cmp
events.bouncex.net/track.gif/ 		42 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/cmp?wklz=MYewdgzgpmAuBcsCWBbKBlWBDFAHAvAIwBsALIQBwBMFAnAKz3H0AMAZKJDAgBZYQBhcNDj4wIAKRUWwPGxQgAJlHzsA7lABGEJLChJF+AMzEWhNgDckO5IZLlqdJgHYjtQoVptlV4PsPEzlRktKRGhM70VITR9CZeuFgA5lBWUGoGRGzQAI4ArjB+mVQcADZI3MhoENh4RGSUNAyRxEZlFXBYuEgWUABOOuD42EltPkh++IrZIHl9kxqabMnc+HnQfUA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:56 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6062
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:58 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AWXFV3AEWGC4D3GMFG43
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MBZEN10WMY51PEDA0ZTB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6062 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6062 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6062
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YdxSXBt8uWyTtIAi9xXNZAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECRnvGpQ31a66EFFmekFnmA&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECRnvGpQ31a66EFFmekFnmA&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:35:58 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECRnvGpQ31a66EFFmekFnmA&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
indexexchange
sync.adotmob.com/cookie/ Frame 6062 		0
0
ix
ad4m.at/ad/sim/ Frame 6062 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ibs:dpid=23728&dpuuid=YdxSXBt8uWyTtIAi9xXNZAAA%261142
dpm.demdex.net/ Frame 6062 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YdxSXBt8uWyTtIAi9xXNZAAA%261142?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.109.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-109-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
index
dmp.brand-display.com/cm/api/ Frame 6062 		43 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.171.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-171-117.us-west-2.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
last-modified
Mon, 10 Jan 2022 15:35:58 GMT
server
nginx/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 10 Jan 2022 15:35:59 GMT
ix-usync
router.infolinks.com/dyn/ Frame 6062 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YdxSXBt8uWyTtIAi9xXNZAAA%261142
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6cb6fa69d90c68fd-FRA
content-length
35
expires
Sun, 10 Jan 2021 15:35:57 GMT
summary
comments.yappaapp.com/comments/ Frame 0CA7 		61 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comments.yappaapp.com/comments/summary?url=https:%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&contentId=&domainList[]=220&domainId=220
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/js/chunk-vendors.1e365abc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e58a86fb73eafe94682b7f64bc34cb6df640779141f97804768b0dbc73dbc9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQnxNcqeZyyx236DEYADc1pPOyC9hq2DhqDaKdxZsnF6HLz9a9SQJTrUN00%2Fky9ZKYD5U54628CHG%2Ff9lRNtk%2FaQFrru3siqGLhiXPoaIBWZ23%2FS%2BJI1UAih7CGe3Nw%2Bl4sgZ4Q2R314JRl37eKIW1B%2F8E8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-yappa-jwt, content-disposition
cf-ray
6cb6fa691d91047e-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-request-id
136522
view
securepubads.g.doubleclick.net/pcs/ Frame C076 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBGjbIIJOsrhg8sR0CY4z0pnk5cMrSVjTRyqIAK3OK9ZVRKcWiexLZKPM1B2nB2_f0qOhSgTYqRtMksTl0ujciLhTfR4DZi1cZplG6QjYEgNFO3NgKOyYObEkrmobCH8zLOj1lvgWA4Ljdlw4mYHrFQMCJLjedThqqCUl383kvxr-hvAfO0gAfazcGQWYBFDeHjqUIoBqLDVWbvHRL_QGvoenlQ4Ue4mvGoMlTo4iSqD7y4p8VeH2NaB18wpvyyqrqsJRNE9GvJCc1nGLqsqqXDAa6tw1jniJbv7BOKSzVNS-vtygoWt8-yYMsSC5SarRMYxe5JgY60g&sig=Cg0ArKJSzBsCwfPe07VcEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C076 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:35:57 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame AA62 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201060907/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
10104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 12:47:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AA62 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201060907/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
10104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 12:47:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AA62 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201060907/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
10104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 12:47:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AA62 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201060907/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
10104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 12:47:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame AA62 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201060907/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
10104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Mon, 10 Jan 2022 12:47:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0f988502fa2967b0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 10 Jan 2023 12:47:33 GMT
truncated
/ Frame AA62 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de740dfbf446e1e7877ff5efc5f341734505ba9ba51d742027003716056f8f73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
4413887070261896371
tpc.googlesyndication.com/simgad/ Frame AA62 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4413887070261896371?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnm-FHeHxbGi7abwajul8Q6SHzZVw
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59563301bce57390efe2bba55a186c611fac7ff708e771ec0cd8b959970732b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 09:39:26 GMT
x-content-type-options
nosniff
age
366991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100404
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 09:11:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Jan 2023 09:39:26 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AA62 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 09 Jan 2022 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
69641
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 10 Jan 2022 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AA62 		295 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
35543
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 11 Jan 2022 05:43:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame AA62 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNy1FXVLcYeWYCpfpgQfA76noCNHswNpn3_D02ZsPloLNhYgWEAEg2Oq2IGCVAqABh4O_9wPIAQLgAgCoAwHIAwiqBNcCT9D4e8qnctj-vdXPLWgF9Ik7XxrYij3jgOTUnpjpazhn_UwmSTKj1fco4jiQv2MhGPQ934TsoMv8HefydpKgEd6UoWcMvXsUwgN_HVKn3fbRvgXUFCo8kYZ2BNaJIMORkgPdExRCZ6r02k2DS0NrjsJCiBNIdG0WbYJg9aAvH8uIcXQ00nGKzC7sNanc_k1QRdnNJiXJnqkEnEJ0pFRupJNGTqCWWWKotfJxdBmDVWz5i6sB0mEoBwBVYiop6tPxDKOX2rJ7LkaiiRTfIvoj-qyGMy_1QzBN59Y3CQx3otUraoUXE4zxEOTawjXaxUPvahSKBb8lNDLPReubm8J0sdj-0XBeFd5Y-em--O6pB_ik8ff2cgKd0PYk25dAAshPQGUk2ezY_xZkD4F7DF67cDdBEoS-zSjzHOVkSmgD7IfYO58wLtQ2sgK501EXvb49QSRQA_-uncAE-JWwt7UD4AQBkgUECAQYAZIFBAgFGASgBgKAB6a7_oUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQiJUG0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xODg4MTAxMjcyMjE1NDA5gAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTY4OTc5MDIxOTE3MTQ4MzMY0JwS&sigh=ecJPPt2M5Zc&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
analytics.js
www.google-analytics.com/ Frame 0CA7 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65028971-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2091
date
Mon, 10 Jan 2022 15:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 10 Jan 2022 17:01:06 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame BF17 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
18191afabdd55f31f8da7876213eb471318fcbff80cd186aba13bbe8d7461585

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 15:01:11 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 11 Jan 2022 18:23:54 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 6776 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
18191afabdd55f31f8da7876213eb471318fcbff80cd186aba13bbe8d7461585

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 15:01:11 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 11 Jan 2022 18:23:54 GMT
loader.js
soapps.net/live/loader/ 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/loader.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
16d6d7ba4006096fb536c7321f156e466e93bad8397ead0a325368974436037f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 17 Nov 2021 08:30:52 GMT
Server
nginx/1.17.10
ETag
W/"6194bdbc-1ef37"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
bc80dfa8-3b38-41b6-8558-e3ee71cdbff5
https://embed.crooksandliars.com/ Frame 49FB 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://embed.crooksandliars.com/bc80dfa8-3b38-41b6-8558-e3ee71cdbff5
Requested by
Host: embed.crooksandliars.com
URL: https://embed.crooksandliars.com/embed/dZAeyHMz
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
369.json
id5-sync.com/g/v2/ 		213 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.183 , France, ASN16276 (OVH, FR),
Reverse DNS
p08.id5-sync.com
Software
/
Resource Hash
7e5d71bf37926539e1b55691822f0e5e02304f73ba99d3cede0ffa2c1f3d5324
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://crooksandliars.com
Date
Mon, 10 Jan 2022 15:35:57 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a4e5a5c39be306c635d491912a54940830f24a3bfe31d321c031004035884d26

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache
x-server
10.45.0.17
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		108 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
49f9c7248bcacd2ce1f629f69e7a7c83e0549677f179aee7fe0fbc375438252a

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 09 Feb 2022 15:35:57 GMT
0.mp4
vid.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/ Frame 3C9B 		660 KB
661 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/0f8c5ab0-5019-46db-b52f-0b43b776490b/0.mp4
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b96e68dd88ef88d00c41a0e6322dcfdbacf5bd30508405278376ae97fcf889a6

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=1323-677370

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
last-modified
Wed, 29 Dec 2021 18:17:02 GMT
age
495624
etag
"2828f2657694573cc80bf9d772e8d17d"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 1323-677370/3045194
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
676048
default.jpg
prod-static.yappaapp.com/media/thumbnails/ Frame 0CA7 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-static.yappaapp.com/media/thumbnails/default.jpg
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:6801:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1110b1518b3a57618a438245bc322c16fe1a1e9d2e3b97929ca20d76b7bdaab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:52:03 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 12:10:17 GMT
server
AmazonS3
age
161034
etag
"37653b99d81e07760cc68d99318f400c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=259200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
26528
x-amz-cf-id
XBtKxBIwU269ck04ux0oaqOSwhoSoAxaxbw2hlPkmNEZnHS-WMIREA==
expires
Wed, 21 May 2025 00:00:00 GMT
picture-4.jpeg
prod-static.yappaapp.com/placeholder-profile-pics/ Frame 0CA7 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-static.yappaapp.com/placeholder-profile-pics/picture-4.jpeg
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:6801:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01ce1bee94b62cf2f5a2126185610761dca98aa36e65758727f02a7186375271

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 22:43:53 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 12:10:17 GMT
server
AmazonS3
age
147131
etag
"3b75036f83beb7543ce12d7647cb5f71"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=259200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
7559
x-amz-cf-id
UaFjfaIW4yZPJV64NmZQF454U9YdaoccpiVtbqEQRbRBCkqKXPKTXA==
expires
Wed, 21 May 2025 00:00:00 GMT
picture-24.jpeg
prod-static.yappaapp.com/placeholder-profile-pics/ Frame 0CA7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-static.yappaapp.com/placeholder-profile-pics/picture-24.jpeg
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:6801:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b5aae7e7331fb19ed584bc23aa60c439e41708b2b2f04adb687aff0dc90ad49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 15:23:34 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 12:10:17 GMT
server
AmazonS3
age
135382
etag
"bf4c65b6b3eb50eb0bdf5d15472adae4"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=259200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
7885
x-amz-cf-id
4lEvI8iVq3DdmxL1GIQUChV8Qw3vYc7ymRfccdu3ULG_uV-oZ-_5kw==
expires
Wed, 21 May 2025 00:00:00 GMT
picture-9.jpeg
prod-static.yappaapp.com/placeholder-profile-pics/ Frame 0CA7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-static.yappaapp.com/placeholder-profile-pics/picture-9.jpeg
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:6801:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1284bd89f02e092c5dade10cdc853d3f572964f6bb2960cd6e3a6a6e04ea373

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 13:53:40 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 12:10:17 GMT
server
AmazonS3
age
171950
etag
"a549a9ee15606ecb4fc25fa37492a0b7"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=259200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
7819
x-amz-cf-id
VWLJMzz5uV6jtUTwlHD_K5t6ZynoTNUQcpw1Oklgoin-qoR0rHG3eA==
expires
Wed, 21 May 2025 00:00:00 GMT
picture-20.jpeg
prod-static.yappaapp.com/placeholder-profile-pics/ Frame 0CA7 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-static.yappaapp.com/placeholder-profile-pics/picture-20.jpeg
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:6801:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90f38fa2c7302d04056afb97c9c2e779f08b8c01ec2b5407d250e393a8f069cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 23:46:22 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 12:10:17 GMT
server
AmazonS3
age
229934
etag
"879b5a7aceb27ebf6f606dad333334fc"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=259200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
9007
x-amz-cf-id
vjaRBr0qX2GOCN-OwxeNrjBd4QU7oxuDWCJJy3um4iP9jRrYjFJPng==
expires
Wed, 21 May 2025 00:00:00 GMT
picture-27.jpeg
prod-static.yappaapp.com/placeholder-profile-pics/ Frame 0CA7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-static.yappaapp.com/placeholder-profile-pics/picture-27.jpeg
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:6801:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af13a8d0ba0da59544535c897879a458ab82ee413cfcf7bf9d62bfe988859e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 12:47:12 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 12:10:17 GMT
server
AmazonS3
age
176514
etag
"111cd044bc09b54555b81a98dc6acb0f"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=259200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
7219
x-amz-cf-id
C24p5Uk69VefM6doBJFNzrGDy7E8kWu4VolAySvApsC78jAQzpxBDA==
expires
Wed, 21 May 2025 00:00:00 GMT
picture-18.jpeg
prod-static.yappaapp.com/placeholder-profile-pics/ Frame 0CA7 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-static.yappaapp.com/placeholder-profile-pics/picture-18.jpeg
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:6801:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72280a56f563c583ed3411579aa1cbf6f3f7b81a52d0d1ed1f68b609147414ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 05:58:01 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 12:10:17 GMT
server
AmazonS3
age
34785
etag
"9330fe4d3a0a2d0fb2b5e76330aeecab"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=259200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
10726
x-amz-cf-id
4DhkiuIsJcFeINHy7vrMdqyI0TxnyFfT5WYsVaSHdaRyOF6oVYpOgg==
expires
Wed, 21 May 2025 00:00:00 GMT
picture-19.jpeg
prod-static.yappaapp.com/placeholder-profile-pics/ Frame 0CA7 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-static.yappaapp.com/placeholder-profile-pics/picture-19.jpeg
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c000:6:6801:f140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eea4c76ed6cc7bb2bd1c4fd6146114b8f2a3901b078e51746eff6124b1aef2ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 00:40:59 GMT
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 12:10:17 GMT
server
AmazonS3
age
226519
etag
"77752d95616fde45c793ce35067b1104"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=259200
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
8437
x-amz-cf-id
4YDl45YNr5kilmuow4e52c4_lS65dRNH6-yuNvWuu23RPonGTR3lhg==
expires
Wed, 21 May 2025 00:00:00 GMT
generic
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/generic
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-91.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:57 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
generic
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/generic
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.237.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-237-91.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:57 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
getads.htm
rt3042.infolinks.com/action/ 		1 KB
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3042.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22articles%22%2C%22scs%22%3A%22yXUPNK5Pp3%22%7D%5D&rid=c644da4a-2944-43c0-ad78-118e34279cb9&jsv=1777.009-3.025&sr=1600X1200&rts=1641828957828&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tzo=-0000&c=c&strg=true&rsd=Ch3GmJccE2qLSsbmsdxIYR43IzMovFYw_rYewMl4FeCAmqxI2Il2FJZewCEXG_0Nh1rShztIOl_BgtID5jT9NvprsB-N_XcEpKGwfoissf4wsTo50Z-kd5fYfImm3EYh6SXjL9X2hyQVH6UC2qyrvluSiEUTn45w&rsk=36&rcs=dAwRzXdni1gm45szH5df9w&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1777.009-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e501ed997f22eb67b34ec2b72799937179fa2a211678c88539bdca0b66ee5a45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
6cb6fa6a7aa068fd-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame 49FB 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=540678776&t=pageview&_s=1&dl=https%3A%2F%2Fembed.crooksandliars.com%2Fembed%2FdZAeyHMz&dr=https%3A%2F%2Fcrooksandliars.com%2F&ul=en-us&de=UTF-8&dt=Bannon%E2%80%99s%20Correspondent%20Blames%20His%20COVID%20On%20Democrats%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&sd=24-bit&sr=1600x1200&vp=765x431&je=0&_u=QACAAUABAAAAAC~&jid=800625754&gjid=1571994020&cid=228879631.1641828955&tid=UA-2640119-6&_gid=1682051791.1641828955&_r=1&gtm=2ou150&z=1682788339
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://embed.crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://embed.crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.runtime.f00b23f12ac431a9b357.js
platform.twitter.com/embed/ Frame D222 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CDF) /
Resource Hash
89a3f1faa1fc642771515952c5434e58f0b983a4eb0297f3120a15c91901909a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
Server
ECS (mil/6CDF)
Age
330520
Etag
"5c6a97b08bf7db64ab546a988839de77+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3524
embed.modules.66e311263622456867b1.js
platform.twitter.com/embed/ Frame D222 		519 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE2) /
Resource Hash
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE2)
Age
2747375
Etag
"d2a7d4d81994376470f2560f453ad37b+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
166772
embed.i18n.c052951fae9a0c2b4020.js
platform.twitter.com/embed/ Frame D222 		146 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CFA) /
Resource Hash
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CFA)
Age
2747375
Etag
"ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.f3a10180eb66ab611b47.js
platform.twitter.com/embed/ Frame D222 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.f3a10180eb66ab611b47.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEB) /
Resource Hash
c145340c60400acb9f4de271d0b14728863e8808ddfdd8d7f53c923b54d6aff9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
Server
ECS (mil/6CEB)
Age
330516
Etag
"56934bbbe2ad1e407d82351bf43a0177+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5777
vidice.js
resources.infolinks.com/js/vidice/1.0/ 		620 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/1.0/vidice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1777.009-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6cb6fa6a9b0e68fd-FRA
date
Mon, 10 Jan 2022 15:35:57 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Jul 2019 15:15:02 GMT
server
cloudflare
age
3780
etag
W/"9b0d4-58d552435a78c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Wed, 09 Feb 2022 14:32:57 GMT
embed.runtime.f00b23f12ac431a9b357.js
platform.twitter.com/embed/ Frame AFD7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CDF) /
Resource Hash
89a3f1faa1fc642771515952c5434e58f0b983a4eb0297f3120a15c91901909a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
Server
ECS (mil/6CDF)
Age
330520
Etag
"5c6a97b08bf7db64ab546a988839de77+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3524
embed.modules.66e311263622456867b1.js
platform.twitter.com/embed/ Frame AFD7 		519 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/6725)
Age
2747372
Etag
"d2a7d4d81994376470f2560f453ad37b+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
166772
embed.i18n.c052951fae9a0c2b4020.js
platform.twitter.com/embed/ Frame AFD7 		146 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CFA) /
Resource Hash
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CFA)
Age
2747375
Etag
"ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.f3a10180eb66ab611b47.js
platform.twitter.com/embed/ Frame AFD7 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.f3a10180eb66ab611b47.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEB) /
Resource Hash
c145340c60400acb9f4de271d0b14728863e8808ddfdd8d7f53c923b54d6aff9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
Server
ECS (mil/6CEB)
Age
330516
Etag
"56934bbbe2ad1e407d82351bf43a0177+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5777
truncated
/ Frame C076 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
198eeedfe64dd3f4d642f41078b1ea3e1072aed61407bb2db572238f8f685f42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C076 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF6Nqg0hEE1jrw-gfl14OaFDgpcOaTrHCsHcoaskQnBXjcWHh-0C9fH7AUx4bOv1mAlvnwFa-47e6s4fdjLZup9MNIBqd25Y1OSU8nf0blxy1em-blXfOToVtIYbdm8LGDT4Dw_OE5K8fIBXe9v968wMPpXNbqoAd1oWe05YysFx4Tn9K3Rqnzg4BJWReelwOWvU6nxrNGLj9T8-aln2kLEIEtTjqlve3596PxTkBmNrubBwDQuH4U-beDOiqEJrYIzFPUu8G_JNDDWgSEQe6QYgrRvdJNy8ilt4kTwCtDuQpiUb_4xneA_aBJ2tBtzRXDEXl3foDN_nmC&sig=Cg0ArKJSzAnxxR33EAbwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 10 Jan 2022 15:35:57 GMT
css2
fonts.googleapis.com/ Frame F7FC 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 13:55:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:35:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:35:57 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F7FC 		205 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 08:45:35 GMT
x-content-type-options
nosniff
age
24622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 10 Jan 2023 08:45:35 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F7FC 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 14:52:20 GMT
x-content-type-options
nosniff
age
2617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 10 Jan 2023 14:52:20 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/ Frame F7FC 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d8693cddca8ef95b6b06ab98ad4ae68d7c7a30aa8d781e418c28b84bfcca7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:09:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1616
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8415
x-xss-protection
0
server
cafe
etag
17051659159829090632
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:09:01 GMT
embed.runtime.f00b23f12ac431a9b357.js
platform.twitter.com/embed/ Frame A41E 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CDF) /
Resource Hash
89a3f1faa1fc642771515952c5434e58f0b983a4eb0297f3120a15c91901909a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
Server
ECS (mil/6CDF)
Age
330520
Etag
"5c6a97b08bf7db64ab546a988839de77+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3524
embed.modules.66e311263622456867b1.js
platform.twitter.com/embed/ Frame A41E 		519 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE2) /
Resource Hash
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE2)
Age
2747375
Etag
"d2a7d4d81994376470f2560f453ad37b+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
166772
embed.i18n.c052951fae9a0c2b4020.js
platform.twitter.com/embed/ Frame A41E 		146 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.c052951fae9a0c2b4020.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CFA) /
Resource Hash
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:57 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CFA)
Age
2747375
Etag
"ae3db27722181e85d0a069a920b4ed89"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.f3a10180eb66ab611b47.js
platform.twitter.com/embed/ Frame A41E 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.f3a10180eb66ab611b47.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEB) /
Resource Hash
c145340c60400acb9f4de271d0b14728863e8808ddfdd8d7f53c923b54d6aff9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
Server
ECS (mil/6CEB)
Age
330517
Etag
"56934bbbe2ad1e407d82351bf43a0177+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5777
css
fonts.googleapis.com/ Frame 2EE3 		4 KB
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 13:57:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:35:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:35:57 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 2EE3 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:30:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:30:19 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2EE3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjvNfW1LcYcWzBNvV7_UPpKGL4AfFpd6BZZP63d3uDdTjxJ7AJBABIJqVhAJgleKQgqAHoAHMjPWaA8gBCakCWoUNCBAAsz6oAwHIA8sEqgSrAk_QGwoBd9nonNP1zeO6rA3c6U7S8EWi-goIkH54LdFc0n3ZvgL71Ao-F0KIrfsf-OXIPnSuZN08fboZ0xXXw_TLfTKVQPIg4ZoSTB_tzBr-9B4Hj0imrlvLbHfooQ8CRkABv4-7bhWCxplXgCJmpXdJFG_REvoONscK3yjghDHtb8OGsLza1I08Redoj67IDxUTseDq0vmLGW1OrxOulvNaWD7PhczmKQT9N3TK5YxfdjDBjMm0s8vtUrYBS9lFgyPyqLDs37EhhOuKPN0KZFE1ZVfc72qK7uUTK5f9ac81_yohw_BZf2Hsc0k8bSDLrs1EvhVG5hep3BwtCojzSFTTAW2YAX9ixnw8WhCXH_Fut9q12XaOlZSv7NwvsdcT1Di36kmFiN_sSsfOwASX--7exwOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHnPOKZagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEOy4BdIICQiA4YAQEAEYH4AKAcgLAdgTDIgUB9AVAZgWAYAXAbIXHAoaCAASFHB1Yi01MTU1NjQzOTIwNDU1MTY5GAA&sigh=z9Nu9fJJ_5U&uach_m=[UACH]&template_id=484
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 10 Jan 2022 15:35:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 2EE3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:33:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 2EE3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:34:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:34:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2EE3 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:35:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 2EE3 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:34:26 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 2EE3 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 03 Apr 2022 22:16:39 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/16633905411750574998/ Frame 2EE3 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16633905411750574998/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74ae3de04d8c55302d3ec3c4113bc5ffa32ea11040b56bc1e4ac3e6ee1cff56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 13:41:50 GMT
x-content-type-options
nosniff
age
438847
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
last-modified
Wed, 12 May 2021 10:19:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Jan 2023 13:41:50 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7488850785090934048/ Frame 2EE3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7488850785090934048/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5053fd24623763276d63f41fc2f6c4e65a3a4fd3d55ed383e95d8a15a8e62996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 04:48:56 GMT
x-content-type-options
nosniff
age
470821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3176
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 11:50:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Jan 2023 04:48:56 GMT
moatad.js
z.moatads.com/revcontentdisplay556968265165/ 		298 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/revcontentdisplay556968265165/moatad.js
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b0a6edbce214b6e95daf7e93848732e2ce9e209f2d48dcce5a2962885c489384

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 16:35:10 GMT
server
AmazonS3
x-amz-request-id
PDP73WG1MB376E66
etag
"59f7a2722b8b3dd6197d8b8bd28043a9"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=39718
accept-ranges
bytes
content-length
103494
x-amz-id-2
ZuTnLYGw1hGNu9AwRBSKEtF9Bk/VaPQ51G3WYtjw04Eq5cT9ipsBKFjl43mY2tpdbx+CnrPmViM=
roboto-medium.d3e528d9.woff
conversations.yappaapp.com/fonts/ Frame 0CA7 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://conversations.yappaapp.com/fonts/roboto-medium.d3e528d9.woff
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/css/chunk-vendors.18dab191.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c743a880dc0cfd9028f74d7b23db7131ff230f0927129418de147be4f556031

Request headers

Referer
https://conversations.yappaapp.com/css/chunk-vendors.18dab191.css
Origin
https://conversations.yappaapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11380
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21184
last-modified
Tue, 14 Dec 2021 12:12:55 GMT
server
cloudflare
etag
"61b88a47-52c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PwG69TJ6ty0SxlzrzlnDksVdISK5mTThQ6nAXWJ%2BOs2reQ9X92Acr87Bb8rQO26MySdGcujdnSUyjITgr6jbYIxQs0gqc6zWV2EBoDrN4ZxlL5GxmbOCXWl306JoyClCSBAC8lv%2BfozT7LNCeeUb5Cy1dj9KZZqFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cb6fa6b4fe883b8-MXP
roboto-regular.b3be96cb.woff
conversations.yappaapp.com/fonts/ Frame 0CA7 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://conversations.yappaapp.com/fonts/roboto-regular.b3be96cb.woff
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/css/chunk-vendors.18dab191.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7838acd6a8bd0836972523ffbe20c9745d03b07d89968d9cc9bc57f46e567895

Request headers

Referer
https://conversations.yappaapp.com/css/chunk-vendors.18dab191.css
Origin
https://conversations.yappaapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11382
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20924
last-modified
Tue, 14 Dec 2021 12:12:55 GMT
server
cloudflare
etag
"61b88a47-51bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXtQWz6h1bIOHl1Qn6U%2FcTbby5O9ZVIv7gsTrgDMlLCFwNkvzenTW3FHzBwHjSnbzCOPIymzobJSvXbMDfMyq3hlL2th4WA9U8cUdT5Wf%2BdSdfjFeOOhCVaoc0TfayaNowlFt0WRCwU0u28lGeUWgKxcAzjZDNyD3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6cb6fa6b4feb83b8-MXP
collect
stats.g.doubleclick.net/j/ Frame 49FB 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2640119-6&cid=228879631.1641828955&jid=800625754&gjid=1571994020&_gid=1682051791.1641828955&_u=QACAAUAAAAAAAC~&z=2688228
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://embed.crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 10 Jan 2022 15:35:57 GMT
content-type
text/plain
access-control-allow-origin
https://embed.crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
49279.jpg
crooksandliars.com/files/mediaposters/2022/01/ Frame 49FB 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/mediaposters/2022/01/49279.jpg?ts=1641606530
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
158c52a04fdfa34bcb90a320eb3a4a7ce24df58a3deb8bbc6b83996733ab5087

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
last-modified
Sat, 08 Jan 2022 01:48:50 GMT
server
nginx
etag
"61d8ed82-c1e0"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
49632
service-worker-allowed
/
expires
Thu, 31 Dec 2037 23:55:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F209 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cy2FbXFLcYc-QNuO2x_APr-u54AaeoaGuXKH56P6fA8CNtwEQASAAYJUCggEXY2EtcHViLTc2MzA5NjExNjM2NDMxMzfIAQngAgCoAwGqBMwCT9CNa7__tk9cnS4qU6NCuy2-c7tl0BKy0ik-v6I-408iwB-9cDIVyrcblCsujIssKl6j1uOjwDz-Ag07YkXHsezaSLOwiy9x1WOCJolIGXnYIbC-WpObGv_dUhpSzwRd1dipuEnd26wEaONet7nWD5nzRmKV5sg9GnvcOHxFRIu5ZZpWbFrmCgByF8bjcHJVEAkR29VbgDFj3ie_S6Zys1fQFEPMYrEfA2NFSr4DoO8nHvNHlP-LIWby_2ISGSvJrCv9gJ_uhvi6zem04WoBOd_zBz3bXEPToRMcWRJGddiKLZ6HK1_0e0lJ5NOsuFirE-E6u2sGFZoCGqX4Rvq3xMvhV8EblutPJCEFYCuchJWsWMTasNMr1HqOyq_VlBwuKJr-a-fSC9sRFPGEFmy1rUmPjmApxql7xsb1r5_223iIrREgbinwOxQ2oMPgBAGABv22tsKN0qWIKaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0xMDEzMDIzMjgxNTkwMzAxgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc2MzA5NjExNjM2NDMxMzcYob8V&sigh=ViaYO5ZS74k&uach_m=[UACH]&cid=CAQSOwCNIrLMQVL97o-ioUVkDODmTTNOeQV1RK8LMiuQbHZ0761yF2HmmIhm_WdSGgC9U8KpfH8XdGftcKsFGAE
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
/
track.adform.net/adfscript/ Frame F209 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=36796708;rtbwp=YdxSXAAAAACYWjLNkyU5oTqqRxYQhgWQBMog8g;rtbdata=1LLa4f0gt_HhMZ5-B24e4xhGQnrIZiPRh1gmyRWf9wiLkeSAy1Ryl71HzzoOmlsXZqtlexx74EyQ46P3k7ixSONHU44RzfCSUKuczeshBQP9T_9bqROc39v9jrP0a79h0RunnUg298tDBOM6P-o_lghUKotLelcbR8lcYmtqEI2KX-yo_mFBSE9gQylCQMs682vWBF-vlpeWrusI5ec7Q4pKfYRk6-xDmyRsseOJHtItf33bZ6ZD1Q_ULTHR8r5jwbiuV3K6kJsWrEO2cJ1he3c8TI8qqnubtukt6hYJ2JM1
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9668c68366824daa2560f50f5d7adff24f57898da99e096f6c8d571ab9cefed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
908
expires
-1
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame F209 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:34:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:34:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F209 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:35:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame F209 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:34:26 GMT
l
www.google.com/ads/measurement/ Frame F209 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8StK858202Vnu-nw2Iq59Eo7_HDLwAkz64Lu-Acg1MjA2KF6h27IfbTUtcBDOLa0ghykRqZbC0IFQD5yQCBMpNYbibA
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F209 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 18:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163820
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 08 Jan 2023 18:05:38 GMT
v1
a4337.casalemedia.com/impression/ Frame F209 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4337.casalemedia.com/impression/v1?bidID=205b5c5e-27f3-4f63-b093-8fb2c76032cf&traceID=c7e54n42aqlr4huplkf0&dspID=111&userID=&cmpro=0&ap=YdxSXAANiE8IEdtjAA51ryW-M9C3k1ScFxnu4A
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.63.49 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:58 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=100
Content-Length
43
Expires
0
pixel
protected-by.clarium.io/ Frame F209 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzQ1NTc3MDcwMzg6MzIweDUw&v=5&s=v31fp2a3fr6&id=eyJkZnAiOnsiYWQiOjQ0MjU0NjU4MDMsImMiOm51bGwsImwiOjAsIm8iOjIxMjQ4OTY1NjAsIkEiOiIvMjc3OTQxNjEvY3Jvb2tzYW5kbGlhcnMuY29tX1dlYl8zMDB4MjUwXzQiLCJ5IjoyMDk5MTgsImNvIjo0NTU3NzA3MDM4LCJzIjoiZGl2LWluc3RpY2F0b3ItYWQtNCJ9fQ%3D%3D&sb=undefined&cb=2446189&h=crooksandliars.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6UTFOVGMzTURjd016ZzZNekl3ZURVdyIsIndkIjp7ImNvIjo0NTU3NzA3MDM4LCJ3IjoiMzIwIiwiaCI6IjUwIn0sIndyIjo2fQ==
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.247.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-247-85.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:58 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
clLOGO.png
embed.crooksandliars.com/images/ Frame 49FB 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed.crooksandliars.com/images/clLOGO.png?fd81949eaaa999ed9dbebde784d7a390
Requested by
Host: embed.crooksandliars.com
URL: https://embed.crooksandliars.com/css/theme.css?1591398763000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.238.37.138 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
dean.crooksandliars.com
Software
nginx / Express
Resource Hash
2154e018e59aeb164b2295468e97a6699e83bf981ba46114801980a471b99ef7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.crooksandliars.com/css/theme.css?1591398763000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
last-modified
Fri, 05 Jun 2020 23:12:43 GMT
server
nginx
x-powered-by
Express
etag
W/"222a-17286c209f8"
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
8746
truncated
/ Frame 49FB 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da30cd9898ddf2651fcd39478f65313a7d10e5fa824d81203ca5aec839b540c9

Request headers

Referer
Origin
https://embed.crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 49FB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://embed.crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
266170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:39:48 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 57C0 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25821201&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
cd596b89160f57911ac5c63cf77f0a1c66bca24f96fd1760d640f296329014e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:56 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.253.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-253-33.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 10 Jan 2022 15:35:58 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
collect
www.google-analytics.com/j/ Frame 0CA7 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=834342196&t=pageview&_s=1&dl=https%3A%2F%2Fconversations.yappaapp.com%2F%3Furl%3Dhttps%253A%252F%252Fcrooksandliars.com%252F2022%252F01%252Fbannon-s-anti-vax-correspondent-blames-his%26content-id%3D%26disable-ads%3Dfalse%26enable-auth-token-exchange%3Dfalse%26widget-type%3Dundefined&dr=https%3A%2F%2Fcrooksandliars.com%2F&ul=en-us&de=UTF-8&dt=Vue%20App&sd=24-bit&sr=1600x1200&vp=765x240&je=0&_u=4GBAAUABAAAAAC~&jid=605045465&gjid=1609899924&cid=1590539365.1641828958&tid=UA-65028971-4&_gid=1970791673.1641828958&_r=1&gtm=2ou150&cd3=1590539365.1641828958&z=537014011
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://conversations.yappaapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://conversations.yappaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 0CA7 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=834342196&t=event&_s=2&dl=https%3A%2F%2Fconversations.yappaapp.com%2F%3Furl%3Dhttps%253A%252F%252Fcrooksandliars.com%252F2022%252F01%252Fbannon-s-anti-vax-correspondent-blames-his%26content-id%3D%26disable-ads%3Dfalse%26enable-auth-token-exchange%3Dfalse%26widget-type%3Dundefined&dr=https%3A%2F%2Fcrooksandliars.com%2F&ul=en-us&de=UTF-8&dt=Vue%20App&sd=24-bit&sr=1600x1200&vp=765x240&je=0&ec=3.0_widget_comment_list_empty&ea=comment_list_empty_action&_u=4GBAAUABAAAAAC~&jid=&gjid=&cid=1590539365.1641828958&tid=UA-65028971-4&_gid=1970791673.1641828958&gtm=2ou150&cd2=NULL&cd3=1590539365.1641828958&z=1195437172
Requested by
Host: conversations.yappaapp.com
URL: https://conversations.yappaapp.com/?url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&content-id=&disable-ads=false&enable-auth-token-exchange=false&widget-type=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://conversations.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 04:23:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40378
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
49279.mp4_high.mp4
media.crooksandliars.com/2022/01/ Frame 49FB 		0
0
/
track.adform.net/adfserve/ Frame BF17 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=46688788;rtbwp=YdxSXAAAAAAIIElMYxlwdP5bz4GeEjF0GsMWKA;rtbdata=bN-gJ_rN8wXYmLEfnT1L8jWldT_tslZIiIR98NwVlXShlV4_GhkZWpZ29P050fuYZqtlexx74EyQ46P3k7ixSONHU44RzfCSUKuczeshBQP9T_9bqROc39v9jrP0a79h0RunnUg298tDBOM6P-o_lghUKotLelcbR8lcYmtqEI0qHMckcoZdiIBE0K4F8zM66PJdBbokhs1XurCCTKxqyzKahT1VEHmsgqkTyjm8WxErZmEv5Q4g_SmJ_IU6mQ8yZbviwnvRADMnYfX9AcMSX6uJiUApLKFLomN1-c6UvUo1;js=1;adfxid=1x;75;set=en-US|en-US|1600X1200|0|300|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
73f2ca310ea243effe01df47375783b630646fff06c885ef9e8a818d49b03454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2464
expires
-1
ga-audiences
www.google.com/ads/ Frame 49FB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2640119-6&cid=228879631.1641828955&jid=800625754&_u=QACAAUAAAAAAAC~&z=1278160931
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame 49FB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2640119-6&cid=228879631.1641828955&jid=800625754&_u=QACAAUAAAAAAAC~&z=1278160931
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://embed.crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame 6776 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=36796705;rtbwp=YdxSXAAAAAB_hxGm11uAtxhSpYKRmQPT8k33Gw;rtbdata=-tyE_VEosu5KoaypkrgWT5xba6JP2eZvzludDmwMoZAYzXsebAu70xBS9tOuhzZ1Zqtlexx74EyQ46P3k7ixSONHU44RzfCSUKuczeshBQP9T_9bqROc39v9jrP0a79h0RunnUg298tDBOM6P-o_lghUKotLelcbR8lcYmtqEI0qHMckcoZdiKmS-MwLyzEI6PJdBbokhs1XurCCTKxqy21H07YFavlfxppwppddD8mHfuzNXtEdZSmJ_IU6mQ8yZbviwnvRADMnYfX9AcMSX6uJiUApLKFLvvk7P4m62a81;js=1;adfxid=2x;1481;set=en-US|en-US|1600X1200|0|300|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
51f2c4f64b90c4ab7373996bb4fbe847ac17813c6dca8eceb66ee2f82eb07a5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2456
expires
-1
si
googleads.g.doubleclick.net/pagead/drt/ Frame AA62
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date
Mon, 10 Jan 2022 15:35:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ Frame 0CA7 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-65028971-4&cid=1590539365.1641828958&jid=605045465&gjid=1609899924&_gid=1970791673.1641828958&_u=4GBAAUAAAAAAAC~&z=1694180669
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://conversations.yappaapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 10 Jan 2022 15:35:58 GMT
content-type
text/plain
access-control-allow-origin
https://conversations.yappaapp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
61bef83e4d7a69-15702349.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/61bef83e4d7a69-15702349.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
2a5b1dce23395f1bb97fd821142b7602a6ffca17477fab09a1817f22268bb9c3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2022-01-09T04:22:26.054Z;desc=hit,rtt;dur=0
content-length
6389
x-request-id
481ab6339f50810db0652aa02f89dc4a
last-modified
Sun, 09 Jan 2022 03:43:17 GMT
server
Cloudinary
etag
"e2faa09dd48152149dae54e97cf102be"
vary
Save-Data
x-hw
1641828958.cds158.fr8.hn,1641828958.cds125.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
616d602687ea18-68788310.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/616d602687ea18-68788310.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
fbf1090e91d4df14521c1ff28fdcdc604d28abb8cb7b508bf8b9e318c82fb9b4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=150;cpu=1;start=2021-12-31T13:03:02.963Z;desc=miss,rtt;dur=0,cloudinary;dur=52;start=2021-12-31T13:03:03.009Z
content-length
5689
last-modified
Wed, 01 Dec 2021 13:13:20 GMT
server
Cloudinary
etag
"e2c0e94cbac1ac72380597aef01f16b4"
vary
Save-Data
x-hw
1641828958.cds158.fr8.hn,1641828958.cds248.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
6165111e2e8712-72997412.jpeg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/6165111e2e8712-72997412.jpeg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
88749e1046b7c581e4cf3b693d5662da7ff482b195e561688c843c0890ee95bb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=162;cpu=1;start=2021-11-30T12:03:59.461Z;desc=miss,rtt;dur=0,cloudinary;dur=63;start=2021-11-30T12:03:59.511Z
content-length
6313
last-modified
Tue, 30 Nov 2021 11:30:21 GMT
server
Cloudinary
etag
"ed4b7c0ecf4cf625df74c6fba744d961"
vary
Save-Data
x-hw
1641828958.cds158.fr8.hn,1641828958.cds226.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5ef2c62a778e86-00915583.JPEG
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/5ef2c62a778e86-00915583.JPEG
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
62bd6969eaf7d4b12f45d086623a97ff1edacd912a77a514bc9a1b8a4640a46c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
x-content-type-options
nosniff
server-timing
fastly;dur=1;start=2022-01-10T15:35:58.265Z;desc=hit,rtt;dur=0
vary
Save-Data
content-length
6239
last-modified
Thu, 11 Nov 2021 17:40:11 GMT
server
Cloudinary
etag
"19a63bcff662fa17040c3fb4da248ad7"
strict-transport-security
max-age=604800
x-hw
1641828958.cds158.fr8.hn,1641828958.cds002.fr8.sc,1641828958.cds002.fr8.p
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5ee95bbc4a3133-36342159.jpeg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/5ee95bbc4a3133-36342159.jpeg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
6509fc300d5da31fac0a3f658bad6a07ff2aa4095be874d8e096b783a40169bb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2022-01-03T19:38:10.216Z;desc=hit,rtt;dur=0
content-length
5063
last-modified
Thu, 11 Nov 2021 17:41:00 GMT
server
Cloudinary
etag
"edd7d496c504c0106e2d6be4dab0d443"
vary
Save-Data
x-hw
1641828958.cds158.fr8.hn,1641828958.cds133.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
615b9f9ab94e13-65559433.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/615b9f9ab94e13-65559433.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
51bb5424ac5dc34ffb15ebf3c46c064a2d72efb7791a15598367a14c95933fe9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2021-12-16T13:57:40.321Z;desc=hit,rtt;dur=0
content-length
6914
last-modified
Mon, 29 Nov 2021 13:29:08 GMT
server
Cloudinary
etag
"2b8963f90c6b46b88f15d0c58b03ffcd"
vary
Save-Data
x-hw
1641828958.cds158.fr8.hn,1641828958.cds145.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
49279.mp4_high.mp4
media.crooksandliars.com/2022/01/ Frame 49FB 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://media.crooksandliars.com/2022/01/49279.mp4_high.mp4
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.238.37.138 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
dean.crooksandliars.com
Software
nginx /
Resource Hash

Request headers

Referer
https://embed.crooksandliars.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-9958462/9958463
date
Mon, 10 Jan 2022 15:35:58 GMT
last-modified
Sat, 08 Jan 2022 01:49:06 GMT
server
nginx
etag
"61d8ed92-97f43f"
Content-Length
9958463
content-type
video/mp4
99bb3d092bf68d1d775a9b786f692710.jpeg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/99bb3d092bf68d1d775a9b786f692710.jpeg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
12560714dff96817e6da55eefc53a537ac7f9361fb8e3fd4fa24143777d281fb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=142;cpu=1;start=2021-11-11T19:59:36.840Z;desc=miss,rtt;dur=0,cloudinary;dur=48;start=2021-11-11T19:59:36.890Z
content-length
7895
last-modified
Thu, 11 Nov 2021 17:40:11 GMT
server
Cloudinary
etag
"ebfe51fc615f139088ce13b87362ca43"
vary
Save-Data
x-hw
1641828958.cds158.fr8.hn,1641828958.cds041.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
61d4ed63cf7d23-29507566.jpg
images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.newsmaxwidget.com/content/images/61d4ed63cf7d23-29507566.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
f6ceb15916d30de858e8421153406106d460b029f0a5fc14153539c410d4bf91
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=1;cpu=0;start=2022-01-10T11:38:48.815Z;desc=hit,rtt;dur=0
content-length
6568
last-modified
Sun, 09 Jan 2022 08:06:16 GMT
server
Cloudinary
etag
"76069ffafe739929002dcd0541fc89a2"
vary
Save-Data
x-hw
1641828958.cds158.fr8.hn,1641828958.cds140.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame F209 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
18191afabdd55f31f8da7876213eb471318fcbff80cd186aba13bbe8d7461585

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 15:01:11 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 11 Jan 2022 18:23:54 GMT
getContentIdByUrl
soapps.net/live/comments/api/comments/ 		79 B
458 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/api/comments/getContentIdByUrl?integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&extPageId=173440&imageUrl=http://crooksandliars.com/files/mediaposters/2022/01/49279.jpg
Requested by
Host: soapps.net
URL: https://soapps.net/live/loader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
00a96008a7dc2241ecdd204793579f09c36810f3f42f86e21cac8636c9690ffc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:58 GMT
Vary
Origin
Server
nginx/1.17.10
RequestId
3bfaaf24-2894-4dc5-9e63-5365c395428b
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/json
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
79
embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
platform.twitter.com/embed/ Frame D222 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF8) /
Resource Hash
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CF8)
Age
2747375
Etag
"243d823d043564092099acd4323c5b02+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
9316
embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js
platform.twitter.com/embed/ Frame D222 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
015fe53a47903430d7d5cdeea266d92571be3e535ed9321bf1db9ea2c6363746

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/674D)
Age
2747373
Etag
"03f1f219cd32073181398d1f998ecb57+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1733
embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
platform.twitter.com/embed/ Frame AFD7 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (frb/6725)
Age
2747373
Etag
"243d823d043564092099acd4323c5b02+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
9316
embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js
platform.twitter.com/embed/ Frame AFD7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE7) /
Resource Hash
015fe53a47903430d7d5cdeea266d92571be3e535ed9321bf1db9ea2c6363746

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE7)
Age
2747376
Etag
"03f1f219cd32073181398d1f998ecb57+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1733
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1641828958508&de=80176946616&m=0&ar=cc97a930ec1-clean&iw=bdef476&q=2&cb=0&ym=0&cu=1641828958508&ll=2&lm=0&ln=0&em=0&en=0&d=144849%3A167087%3A5813719%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1370%3A1370%3A0%3A1579&fs=195926&na=1618492860&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:35:58 GMT
truncated
/ Frame BF17 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5195742b5ef26f87ce37381c7aaf211c2679755961206aea2eae5097a108df17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame BF17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMAwiG2foFgsLaEKJPOXCNEnin4tD8NlNqxUN9GmKc_Rpzx-dAbAdZcnvjCB4UeKfrmDaxh5iOlxsrsFPfX5ydhLCs8c81j8xxWYYQJek5EFaQ27YQCjb3oRAp33XJ_uJj9QfcoUcRzrFaeYYni8J9Ps_u2lzxRkoM7Q_6T_1AL8BoBtzgludWoeEW4dwla15gesvn0VegSR2_LcyjmxSOh6tFt7xBYo3WAfsgOH1wUF9bAiBcO7m3Gv5iJAQ6QJe7_fz1YNGctCUXfE9ELB989eIvtF8ffmMfZHinjoLjumWON6EY2rddTEVDZt-DlJLf3qiWEBYsuQvMektnut9Z9P_5&sig=Cg0ArKJSzKQZjq4g56XZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 10 Jan 2022 15:35:58 GMT
embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
platform.twitter.com/embed/ Frame A41E 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.b7421551ee3ebed56e9a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF8) /
Resource Hash
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CF8)
Age
2747375
Etag
"243d823d043564092099acd4323c5b02+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
9316
embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js
platform.twitter.com/embed/ Frame A41E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.fb6631eca93bbc99287c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE7) /
Resource Hash
015fe53a47903430d7d5cdeea266d92571be3e535ed9321bf1db9ea2c6363746

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE7)
Age
2747376
Etag
"03f1f219cd32073181398d1f998ecb57+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1733
d47cea7d-c40d-45b2-a173-70bcd6633df5.js
product.instiengage.com/ceu-code/ Frame D788 		358 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/ceu-code/d47cea7d-c40d-45b2-a173-70bcd6633df5.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:3800:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
837ff30ab885bbd308d80aa091da1b292265376efa0582db599cc3d0b4fcad31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
1IS2iHDGx1POBCgN4yNyd5oo5fODepzz
content-encoding
br
last-modified
Mon, 10 Jan 2022 08:56:50 GMT
server
AmazonS3
age
1858
etag
W/"b56061ccb200babffd477a6fc5885367"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Mon, 10 Jan 2022 15:09:51 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
0LbTvRUMDUhFAMmramdVE0tlqumR3uPElVV3Cd4UjtGpr21F25BIFQ==
match
c1.adform.net/serving/cookie/ Frame 01D2 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:35:58 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 2127
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4697919638350014267
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4697919638350014267
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:35:59 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug001:0:753
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4697919638350014267
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 4CDA 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Mon, 10 Jan 2022 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
689566
strict-transport-security
max-age=31536000; preload;
Pug
simage2.pubmatic.com/AdServer/ Frame A359
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051601680259414171
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051601680259414171
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:35:59 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug003:0:502
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 10 Jan 2022 15:35:58 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7051601680259414171
Pug
simage2.pubmatic.com/AdServer/ Frame 4978
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdxSXgAElBbmSAAm&gdpr=0&gdpr_consent=&_test=YdxSXgAElBbmSAAm
1 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdxSXgAElBbmSAAm&gdpr=0&gdpr_consent=&_test=YdxSXgAElBbmSAAm
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:35:58 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug017:0:528
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YdxSXgAElBbmSAAm&gdpr=0&gdpr_consent=&_test=YdxSXgAElBbmSAAm
accept-ranges
bytes
date
Mon, 10 Jan 2022 15:35:58 GMT
via
1.1 varnish
x-served-by
cache-cdg20770-CDG
x-cache
HIT
x-cache-hits
0
x-timer
S1641828959.980094,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 694D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3fMiE1AvSWZy7lUS9PyGn8EbDis
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3fMiE1AvSWZy7lUS9PyGn8EbDis
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug013:0:429
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Mon, 10 Jan 2022 15:36:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=3fMiE1AvSWZy7lUS9PyGn8EbDis
Content-Length
159
Connection
keep-alive
redir
rtb-csync.smartadserver.com/ Frame 84F0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGX2RFN0R1S1VBQUVGb29NQVhmdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAF_dE7DuKUAAEFooMAXfw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAF_dE7DuKUAAEFooMAXfw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Mon, 10 Jan 2022 15:35:59 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAF_dE7DuKUAAEFooMAXfw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 8C45
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:35:59 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug005:2:411
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Mon, 10 Jan 2022 15:35:58 GMT
server
_
Pug
image2.pubmatic.com/AdServer/ Frame E0CF
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mtoD5EyevcP1gN00aHF9YISn
42 B
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mtoD5EyevcP1gN00aHF9YISn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:35:58 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug020:0:394
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Mon, 10 Jan 2022 15:35:58 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=mtoD5EyevcP1gN00aHF9YISn
strict-transport-security
max-age=0; includeSubDomains;
i.match
s.tribalfusion.com/z/ Frame F289
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6fa724a293750-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 10 Jan 2022 15:35:59 GMT
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1623
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6fa70ceaf3750-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame C525
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d597ba91-ae8e-4b9c-8974-0a6aae682d94-tuct8d5d7de&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d597ba91-ae8e-4b9c-8974-0a6aae682d94-tuct8d5d7de&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 10 Jan 2022 15:35:59 GMT
via
1.1 varnish
x-served-by
cache-hhn4022-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1641828959.009079,VS0,VE11
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d597ba91-ae8e-4b9c-8974-0a6aae682d94-tuct8d5d7de&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Mon, 10 Jan 2022 15:35:58 GMT
via
1.1 varnish
x-served-by
cache-fra19157-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1641828959.817033,VS0,VE9
x-vcl-time-ms
9
content-length
0
dpe
ad4m.at/ad/ Frame DD16 		15 B
910 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6fa709d8183ac-MXP
Pug
simage2.pubmatic.com/AdServer/ Frame DAA4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003&rndcb=5886358246
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=d0773446-703e-4748-9935-7778e55be987&google_hm=ZDA3NzM0NDYtNzAzZS00NzQ4LTk5MzUtNzc3OGU1NWJl...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHY7xeQo2grf8xVJVFU8DUI&google_cver=1&ssp=adconductor&bsw_param=d0773446-703e-4748-9935-7778e55be987
  • https://sync.1rx.io/usersync/bidswitch/d0773446-703e-4748-9935-7778e55be987?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:35:59 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug017:0:464
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Mon, 10 Jan 2022 15:35:59 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
etag
RXe72ddd073f014cbe916ac61e06ab6cd8003
bridge
cm.adgrx.com/ Frame EB87 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Mon, 10 Jan 2022 15:35:58 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-9
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
cookiesync
core.iprom.net/ Frame FC75 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
komodo-463ae304b005@version_1.366v3
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Mon, 10 Jan 2022 15:35:59 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 57C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5oT16TsLS4uxS4VWt3JGnQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=59799
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Tue, 11 Jan 2022 08:12:38 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ca1a61dc-525e-4800-b5d3-f47e5f72a1a6
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ca1a61dc-525e-4800-b5d3-f47e5f72a1a6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 10 Jan 2022 15:35:58 GMT
Server
MT3 4133 baa842e master zrh-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ca1a61dc-525e-4800-b5d3-f47e5f72a1a6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 15:35:57 GMT
mw
mwzeom.zeotap.com/ Frame 57C0
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=E684F5E9-3B0B-4B8B-B14B-8556B772469D
  • https://spl.zeotap.com/?zdid=1332&zcluid=13e38d5abdd85fcc
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=c6c32a08-0416-4e63-7293-4d103ae50c25&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEFLtHxNUcocwx1gvXVwBns4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=c6c32a08-0416-4e63-7293-4d1...
95 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEFLtHxNUcocwx1gvXVwBns4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=c6c32a08-0416-4e63-7293-4d103ae50c25&zcluid=13e38d5abdd85fcc&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6cb6fa7afade59d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEFLtHxNUcocwx1gvXVwBns4&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=c6c32a08-0416-4e63-7293-4d103ae50c25&zcluid=13e38d5abdd85fcc&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKTT7TCCLRZc_eTUgY08CLI&google_cver=1
42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKTT7TCCLRZc_eTUgY08CLI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:418
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKTT7TCCLRZc_eTUgY08CLI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 57C0 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 09 Jan 2022 15:35:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ee3861dc-525e-4500-ba51-154383c5c538&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ee3861dc-525e-4500-ba51-154383c5c538&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:454
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 10 Jan 2022 15:35:58 GMT
Server
MT3 4133 baa842e master zrh-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ee3861dc-525e-4500-ba51-154383c5c538&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 15:35:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=563268403423191541
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=563268403423191541
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:465
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=563268403423191541
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=200dd76c-6183-49d6-9fb9-08410ca8a1c3
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=200dd76c-6183-49d6-9fb9-08410ca8a1c3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug024:0:467
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=200dd76c-6183-49d6-9fb9-08410ca8a1c3
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1899464560870372694&gdpr=0&gdpr_consent=
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1899464560870372694&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:452
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:35:58 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6fc61aab-6a41-4c1a-a521-794d19b20c08
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1899464560870372694&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T5TC1X9E2uXBw5ilgMr6w0jh5F3j45c-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T5TC1X9E2uXBw5ilgMr6w0jh5F3j45c-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-T5TC1X9E2uXBw5ilgMr6w0jh5F3j45c-~A&gdpr=0&gdpr_consent=
date
Mon, 10 Jan 2022 15:35:58 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
E684F5E9-3B0B-4B8B-B14B-8556B772469D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 57C0 		43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E684F5E9-3B0B-4B8B-B14B-8556B772469D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:74fc:7750:9e36:ae36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
image2.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XFztm19fvJpHDLvKCFWky1sLucBHX77BXlj5paDe
42 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XFztm19fvJpHDLvKCFWky1sLucBHX77BXlj5paDe
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug022:0:596
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=XFztm19fvJpHDLvKCFWky1sLucBHX77BXlj5paDe
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=2019934808504257040&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0773446-703e-4748-9935-7778e55be987&gdpr=&gdpr_consent=&gdpr_pd=
1 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0773446-703e-4748-9935-7778e55be987&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:486
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d0773446-703e-4748-9935-7778e55be987&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 10 Jan 2022 15:35:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6947168936938911157&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6947168936938911157&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:371
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6947168936938911157&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 57C0 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E684F5E9-3B0B-4B8B-B14B-8556B772469D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:59 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug024:0:611
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:59 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3a94958b-0851-40c1-ac07-d6206c9c3ba5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3a94958b-0851-40c1-ac07-d6206c9c3ba5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:767
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3a94958b-0851-40c1-ac07-d6206c9c3ba5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 10 Jan 2022 15:35:59 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 57C0
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1899464560870372694
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1899464560870372694
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:393
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:00 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d4547425-1f88-448a-812f-72f674667ad2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1899464560870372694
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 57C0 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:59 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
css
fonts.googleapis.com/ Frame 0655 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 13:55:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:35:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:35:58 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 0655 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:30:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:30:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 0655 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7894
x-xss-protection
0
server
cafe
etag
10405968765291005445
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:33:02 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 0655 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:34:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1210
x-xss-protection
0
server
cafe
etag
9753579932288205849
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:34:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0655 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37632
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641385868096614"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 10 Jan 2022 15:35:58 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 0655 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6485
x-xss-protection
0
server
cafe
etag
13366392639478751132
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 15:34:26 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 0655 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 22:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
580759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 03 Apr 2022 22:16:39 GMT
truncated
/ Frame 6776 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd1b66bc123fb56b869fc687bdd1fd077b7a4b375dc326c2b00dd1d1b2d46b51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6776 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaxOeUYV1T_zxbmVQpTlBO5IU-WNSeUnLyQBOpPQgxKK9B_CEGZ0xnhvLzrgCyo1-9WQiKG83VNsM8KSUPeeurEjy1BbkjhK77UQgO0-iAAl9sVw0B4RnlHfHg4UkZ85JaX1Sj6yNFGp_r78oy6ZQ9DgZBbgqTFbQfLfxFiy_UJkmi2WR5pDath8CLHwWWP8chwvTiLqw1702XgMMXXlvMEsMWPENm7BG9xdqqS0meTq8OKCp6PUjx8LK--aU8O3e0k3ei11JhbmqQpX-tg7wWjBsvJ60Z14cc0Mtpe6LlYaeqFoMfQF1KCvBRxPOiMYyfUazRDkE991Olwyfpm03FqGNph9umcA&sig=Cg0ArKJSzPRy28e8SOT6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:35:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 10 Jan 2022 15:35:58 GMT
/
track.adform.net/adfserve/ Frame F209 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=36796708;rtbwp=YdxSXAAAAACYWjLNkyU5oTqqRxYQhgWQBMog8g;rtbdata=1LLa4f0gt_HhMZ5-B24e4xhGQnrIZiPRh1gmyRWf9wiLkeSAy1Ryl71HzzoOmlsXZqtlexx74EyQ46P3k7ixSONHU44RzfCSUKuczeshBQP9T_9bqROc39v9jrP0a79h0RunnUg298tDBOM6P-o_lghUKotLelcbR8lcYmtqEI2KX-yo_mFBSE9gQylCQMs682vWBF-vlpeWrusI5ec7Q4pKfYRk6-xDmyRsseOJHtItf33bZ6ZD1Q_ULTHR8r5jwbiuV3K6kJsWrEO2cJ1he3c8TI8qqnubtukt6hYJ2JM1;js=1;adfxid=1x;256;set=en-US|en-US|1600X1200|0|300|50|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fcrooksandliars.com
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4ff74492a820e9959aaa54aa9fb84c2bf338038c76f41db4d7c81b3fe5ba942e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:58 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2203
expires
-1
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.215/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame BF17 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.215/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:58 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 15:01:11 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 11 Jan 2022 19:03:17 GMT
09ecdc48-4b2b-4d6e-8968-408e7fa759c5
https://crooksandliars.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://crooksandliars.com/09ecdc48-4b2b-4d6e-8968-408e7fa759c5
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
truncated
/ Frame 2EE3 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cc7182c107a7e7fba05121efc87fc19f24191cd77e3adae71a22b1a40755d81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1641828958583&de=318595127800&m=0&ar=cc97a930ec1-clean&iw=bdef476&q=5&cb=0&ym=0&cu=1641828958583&ll=2&lm=0&ln=0&em=0&en=0&d=144849%3A167087%3A5856622%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1370%3A1370%3A0%3A1579&fs=195926&na=661296872&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:35:59 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.215/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 6776 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.215/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 15:01:11 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 11 Jan 2022 19:03:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C076 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbTvqpYsB8mhz0k3B-e4wKXSp_uNe60C-5fGTuJOJv4EDejbjDS5GKiETBowKzZ2G-jvjUqIDf_0jILUtvJTfvaLj34P94mUwHscfkP6E3IuNWskug&sig=Cg0ArKJSzLlGq8pRT6VtEAE&id=lidar2&mcvt=1195&p=44,800,45,801&mtos=1195,1195,1195,1195,1195&tos=1195,0,0,0,0&v=20220105&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3278398655&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641828957643&rpt=242&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 9C9B 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2283927336835277&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3749406522&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=17802A2D-DA1A-481F-A706-ED5BE598022E&nel=1&eid=44750604%2C44752657&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&dt=1641828959136&cookie=ID%3D3e7e576597cad971-22ee45191acd00bc%3AT%3D1641828955%3ART%3D1641828955%3AS%3DALNI_MZEL4o_273NeNMaJ7CTsFfwUaxsZg&scor=2936328269784091&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview.htm
rt3042.infolinks.com/action/ 		0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rt3042.infolinks.com/action/adview.htm?rid=c644da4a-2944-43c0-ad78-118e34279cb9&bdc=1&midx=0&emd=NDI0fmFwaS5hcHB0YXAuY29t&rts=1641828959210&prod_t=d&jsv=1777.009-3.025&skin=sidebar&theme=nologo&sdata=articles&scs=yXUPNK5Pp3&rsd=Ch3GmJccE2qLSsbmsdxIYR43IzMovFYw_rYewMl4FeCAmqxI2Il2FJZewCEXG_0Nh1rShztIOl_BgtID5jT9NvprsB-N_XcEpKGwfoissf4wsTo50Z-kd5fYfImm3EYh6SXjL9X2hyQVH6UC2qyrvluSiEUTn45w&rsk=36&rcs=dAwRzXdni1gm45szH5df9w
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
6cb6fa732f5b68fd-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
node221.impressionssl.adshop.infolinks.com/impression/ 		37 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node221.impressionssl.adshop.infolinks.com/impression/?vh=521412837&agy=414981&aid=637313&cid=640282&gid=643136&id=643138&st=1641828957&kwid=0&skw=articles&sid=3325427_1&sip=3239775744&img=643138&pid=15&tid=2&dev=0&mtyp=502&agtyp=0&rid=c644da4a-2944-43c0-ad78-118e34279cb9&idfa=&gaid=&site_cat=16&pixel=1
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.212.255.247 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:59 GMT
x-replied-from
199.212.255.225:26080
server
nginx/1.16.1
content-type
image/gif
cache-control
no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length
37
expires
0
/
node221.impressionssl.adshop.infolinks.com/impression/ 		246 KB
246 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://node221.impressionssl.adshop.infolinks.com/impression/?vh=521412837&agy=414981&aid=637313&cid=640282&gid=643136&id=643138&st=1641828957&kwid=0&skw=articles&sid=3325427_1&sip=3239775744&img=643138&pid=15&tid=2&dev=0&mtyp=502&agtyp=0&rid=c644da4a-2944-43c0-ad78-118e34279cb9&idfa=&gaid=&site_cat=16&mime=image/png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.212.255.247 , Canada, ASN25948 (FHMNET, CA),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
22a56f65d6148542e21c487ea42b104b05167ffd2c24a89b400fe3565c5e16ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:59 GMT
x-replied-from
199.212.255.227:26080
server
nginx/1.16.1
content-type
image/png
cache-control
no-cache, max-age=0, must-revalidate, no-store, post-check=0, pre-check=0
content-length
251602
expires
0
page
soapps.net/live/comments/api/ Frame 97A0 		318 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Requested by
Host: soapps.net
URL: https://soapps.net/live/loader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
da66c7f365019f52169e77ecea62d44c64ee9100d9c8e294a17e7f61f7467fa8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Server
nginx/1.17.10
Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Origin
RequestId
a335163b-6a79-4cfe-b5de-59eee28e8c30
Access-Control-Allow-Credentials
true
ETag
W/"4f832-vi0RG81fBh9I07UrVXIuP8UfIdI"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_embed-loaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://crooksandliars.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
css
fonts.googleapis.com/ Frame D788 		4 KB
508 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
468bd6764eff264452e2cd22f06d3ccb569941caceff828cd1bc0374a4774eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:47:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:35:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:35:59 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame D788 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:35:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16226902
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
MD3W2M9AJ7N91H82
x-amz-id-2
88s6UgLClUOvut0dinL15y9LyHKM4IXzztjPVfG/s6eyrsZH2O3bw4ozEDO1eEaACTw9Ob05QFc=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLXi8G0mb5eS78TB%2BOQJJr2yLJk9%2F4urOb36bHbvQO%2Fpv%2FZTOUJu3HB4e5toHVYGz28KmCN9NvpY4lsQT8HDUYFvNzSVVmrv3JH4ALgmoyClxfJEo1zCpDo2UNFsA1Mevq8LrlspG5VVlPOloAYTn9ea"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6cb6fa779aa8f937-MXP
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=671282525&t=pageview&_s=1&dl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&dp=%2Fbf354797-2feb-4d2a-ad39-b31b027bc5f3&ul=en-us&de=UTF-8&dt=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAAC~&jid=1529734141&gjid=81410043&cid=228879631.1641828955&tid=UA-123718506-11&_gid=1682051791.1641828955&_r=1&_slc=1&z=801052195
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:35:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.instiengage.com/json/ Frame D788 		240 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/d47cea7d-c40d-45b2-a173-70bcd6633df5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
2bffd27deccc4940c0be1a637adfdc98a16fb615ac0b0a8a6909624224ed65e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:35:59 GMT
access-control-allow-credentials
true
x-database-date
Sun, 09 Jan 2022 22:25:18 GMT
content-length
240
vary
Origin
content-type
application/json
event
event.instiengage.com/v1/ Frame D788 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_embed-loaded
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/d47cea7d-c40d-45b2-a173-70bcd6633df5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:00 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame D788 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
392
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Mon, 10 Jan 2022 15:34:05 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
2129
x-amz-cf-id
hn6f-INAVbnWz3BOGGXi3tjIcma5upEBTxPd8AiynP3PKeK0C4BlRg==
icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame D788 		649 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
372
etag
"b673377b664a0b33454c267d911fcfc1"
x-cache
Hit from cloudfront
content-type
image/png
date
Mon, 10 Jan 2022 15:33:55 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
649
x-amz-cf-id
FceewSVvjLqyynxwSsuA9pduieG07JdZbJiZiPkwqviUm3RdQmtGqw==
graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame D788 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:05 GMT
server
AmazonS3
age
256
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
x-cache
Hit from cloudfront
content-type
image/png
date
Mon, 10 Jan 2022 15:34:00 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
4833
x-amz-cf-id
N4yeWMAlZ0KUIpIyZOdtiqHskvOEVzly2zlIruxjmRklZncLhRXSww==
3f5ed2b9-1550-435b-9c83-a179594cab72
static.instiengage.com/client_logos/ecf2723f-6eaf-4718-a72f-4d6205343dab/ Frame D788 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/client_logos/ecf2723f-6eaf-4718-a72f-4d6205343dab/3f5ed2b9-1550-435b-9c83-a179594cab72
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e10667a93b0cb2e23efa1f03b79c612419f7515fce81b9a968dfbae5d454481a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
TBWHK6EZfBs9iMkqBYge9dCI.G5cipy8
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 15:11:08 GMT
server
AmazonS3
age
369
etag
"8e11d93f80b2b8b4d0f72d722ea4bec8"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=3600,public
date
Mon, 10 Jan 2022 15:29:50 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
54747
x-amz-cf-id
7O1vTG_pokYVm7iwZVpBNoew9khqehzXqTjSwyT46PwoS-8tsmokog==
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1641828958596&de=280257727663&m=0&ar=cc97a930ec1-clean&iw=bdef476&q=8&cb=0&ym=0&cu=1641828958596&ll=2&lm=0&ln=0&em=0&en=0&d=144849%3A167087%3A5763777%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1370%3A1370%3A0%3A1579&fs=195926&na=125988775&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123718506-11&cid=228879631.1641828955&jid=1529734141&gjid=81410043&_gid=1682051791.1641828955&_u=aADAAUABAAAAAC~&z=676677103
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
platform.twitter.com/embed/ Frame D222 		383 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE6) /
Resource Hash
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE6)
Age
2746066
Etag
"28a37f9b17808aa66f17b1c227be059e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
96013
embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
platform.twitter.com/embed/ Frame D222 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE9)
Age
2747377
Etag
"c247e426d2ec154064a87aaff54defce+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5857
embed.ondemand.Tweet.e3e733bb7e8701cd3aaa.js
platform.twitter.com/embed/ Frame D222 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.e3e733bb7e8701cd3aaa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6739) /
Resource Hash
b70a2e8691e6a71a2a41f52c0ce2140b420fe995fbfa64d1727e8d4255dc5ebf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
Server
ECS (frb/6739)
Age
330574
Etag
"7284bcab05295aac35e33b62038b8469+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
15709
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
platform.twitter.com/embed/ Frame AFD7 		383 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE6) /
Resource Hash
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE6)
Age
2746066
Etag
"28a37f9b17808aa66f17b1c227be059e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
96013
embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
platform.twitter.com/embed/ Frame AFD7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE9)
Age
2747377
Etag
"c247e426d2ec154064a87aaff54defce+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5857
embed.ondemand.Tweet.e3e733bb7e8701cd3aaa.js
platform.twitter.com/embed/ Frame AFD7 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.e3e733bb7e8701cd3aaa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF2) /
Resource Hash
b70a2e8691e6a71a2a41f52c0ce2140b420fe995fbfa64d1727e8d4255dc5ebf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479530205513351170&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
Server
ECS (mil/6CF2)
Age
330515
Etag
"7284bcab05295aac35e33b62038b8469+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
15709
um
cs.emxdgt.com/ Frame 565A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
text/html
date
Mon, 10 Jan 2022 15:36:00 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame A432 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
image/png
date
Mon, 10 Jan 2022 15:36:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
beacon
ap.lijit.com/ Frame 51E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406715
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Server
nginx
Date
Mon, 10 Jan 2022 15:36:00 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ams1
usersync
rtb.gumgum.com/ Frame B216
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 10 Jan 2022 15:36:00 GMT Mon, 10 Jan 2022 15:36:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
2b9d395f79fd97a5
sync.e-planning.net/uspd/1/ Frame 956D
Redirect Chain
  • https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
  • https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b4d227fc02e20acc5fe46199f6f0f1333190dc5e24822679fb2d19bb6962b3de

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

server
openresty
date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Mon, 10 Jan 2022 15:36:00 GMT
x-sid
AMS-731
content-encoding
gzip

Redirect headers

server
openresty
date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
x-sid
AMS-731
generic
match.adsrvr.org/track/cmf/ Frame 35F6 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
onetag-sys.com/usync/ Frame 1A16 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1641828956308
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 3059 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
image/png
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Mon, 10 Jan 2022 15:36:00 GMT
via
1.1 varnish
x-served-by
cache-cdg20770-CDG
x-cache
MISS
x-cache-hits
0
x-timer
S1641828960.127858,VS0,VE80
cache-control
no-cache
pragma
no-cache
content-length
85
/
onetag-sys.com/usync/ Frame 274A 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7C0cf87ec8-f669-4bc0-9e9d-61689914b320&gdpr=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usersync
rtb.gumgum.com/ Frame 46F2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Expires
Mon, 10 Jan 2022 15:35:59 GMT
usync.html
eus.rubiconproject.com/ Frame A798 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 Jan 2022 15:36:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame DF19 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=baGR9kdWur64rQaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Mon, 10 Jan 2022 15:35:59 GMT
um
cs.emxdgt.com/ Frame 119E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
text/html
date
Mon, 10 Jan 2022 15:36:00 GMT
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 9F47 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
ssc-cms.33across.com/ps/ Frame 98F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=a7MD9EdWur64rQaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Mon, 10 Jan 2022 15:35:59 GMT
usermatch
ssum-sec.casalemedia.com/ Frame EBD8 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86efdef3bf366b1dc2ece37d5e9495613882c35eddad9df966f77cf25c1ed914

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|130|88|4|196|230|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1573
Expires
Mon, 10 Jan 2022 15:36:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:00 GMT
Connection
keep-alive
generic
match.adsrvr.org/track/cmf/ Frame E90F 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D667 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
image/png
date
Mon, 10 Jan 2022 15:36:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usersync
rtb.gumgum.com/ Frame 59C0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x2 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Expires
Mon, 10 Jan 2022 15:35:59 GMT
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame EEDC 		85 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
image/png
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Mon, 10 Jan 2022 15:36:00 GMT
via
1.1 varnish
x-served-by
cache-cdg20770-CDG
x-cache
MISS
x-cache-hits
0
x-timer
S1641828960.135918,VS0,VE81
cache-control
no-cache
pragma
no-cache
content-length
85
generic
match.adsrvr.org/track/cmf/ Frame 8B50 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
ssc-cms.33across.com/ps/ Frame 9C97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bi21t-dWur64rQaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

x-33x-status
2000208
server
33XP001
date
Mon, 10 Jan 2022 15:36:00 GMT
usersync
rtb.gumgum.com/ Frame 7FA3
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 10 Jan 2022 15:36:00 GMT Mon, 10 Jan 2022 15:36:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8F8C 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
image/png
date
Mon, 10 Jan 2022 15:36:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usersync
rtb.gumgum.com/ Frame 2DAB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Expires
Mon, 10 Jan 2022 15:35:59 GMT
pixel
cm.g.doubleclick.net/ Frame FA24 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
image/png
date
Mon, 10 Jan 2022 15:36:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 95B2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 10 Jan 2022 02:32:36 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 10 Jan 2022 15:36:00 GMT
Age
47003
X-Served-By
cache-lga21931-LGA, cache-hhn4070-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 792773
X-Timer
S1641828960.192981,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E5FC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 10 Jan 2022 15:36:00 GMT
Connection
keep-alive
usersync
rtb.gumgum.com/ Frame 2084
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Expires
Mon, 10 Jan 2022 15:35:59 GMT
/
ssc-cms.33across.com/ps/ Frame 47C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bfg5H-dWur64rQaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

x-33x-status
2000208
server
33XP004
date
Mon, 10 Jan 2022 15:35:59 GMT
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame AE77 		85 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
image/png
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Mon, 10 Jan 2022 15:36:00 GMT
via
1.1 varnish
x-served-by
cache-cdg20770-CDG
x-cache
MISS
x-cache-hits
0
x-timer
S1641828960.153392,VS0,VE81
cache-control
no-cache
pragma
no-cache
content-length
85
usersync
rtb.gumgum.com/ Frame BF8E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 10 Jan 2022 15:36:00 GMT Mon, 10 Jan 2022 15:36:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame D71A
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 10 Jan 2022 15:36:00 GMT Mon, 10 Jan 2022 15:36:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=geJsLSnkhaNu0i8XlHkg&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
pd
u.openx.net/w/1.0/ Frame BA95 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
um
cs.emxdgt.com/ Frame D9B3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
text/html
date
Mon, 10 Jan 2022 15:36:00 GMT
content-length
0
um
cs.emxdgt.com/ Frame D564 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
text/html
date
Mon, 10 Jan 2022 15:36:00 GMT
content-length
0
usersync.html
ad-cdn.technoratimedia.com/html/ Frame B05A 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
836ab705526221b8f0c5006c7e16a6cd4a26eb9e1c1533e73520e82fad6b2c43

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
444
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Mon, 10 Jan 2022 15:36:00 GMT
etag
"4e55-5d218fd2a2900"
expires
Mon, 10 Jan 2022 15:51:00 GMT
last-modified
Wed, 01 Dec 2021 17:27:32 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
250073242 248759696
content-length
6086
usync.html
eus.rubiconproject.com/ Frame FE73
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 Jan 2022 15:36:00 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
date
Mon, 10 Jan 2022 15:36:00 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
ps
ssc-cms.33across.com/ Frame 34B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D33XUSERID33X
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Mon, 10 Jan 2022 15:35:59 GMT
index.html
cdn.districtm.io/ids/ Frame 7E95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6cb6fa790d0b4e98-FRA
check.html
biddr.brealtime.com/ Frame 2386 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
64a2/mMiEAEcE6A0Bt+2Erlf5G8/Vr6F+aKm35SudGm/mhDDMsfdh3kdR47hqOgX9Nj5IT4Nh94=
x-amz-request-id
WMCZ1XWCTS57FSV5
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2448
Expires
Mon, 10 Jan 2022 15:37:00 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6cb6fa79ba3440c9-CDG
Content-Encoding
gzip
0cf87ec8-f669-4bc0-9e9d-61689914b320
ex.ingage.tech/v1/sync/amx/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
  • https://ex.ingage.tech/v1/sync/amx/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=ed09afd3-c9f1-4a43-8ab5-b0f0d8220ec9&gdpr=0
0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/amx/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=ed09afd3-c9f1-4a43-8ab5-b0f0d8220ec9&gdpr=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6cb6fa7b5903374a-MXP

Redirect headers

location
https://ex.ingage.tech/v1/sync/amx/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=ed09afd3-c9f1-4a43-8ab5-b0f0d8220ec9&gdpr=0
date
Mon, 10 Jan 2022 15:36:00 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
rtb.gumgum.com/
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=033b22e7-722b-11ec-9250-59e8f3a3eea6
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=033b22e7-722b-11ec-9250-59e8f3a3eea6
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=033b22e7-722b-11ec-9250-59e8f3a3eea6
Date
Mon, 10 Jan 2022 15:36:00 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
033b49f8-722b-11ec-9250-59e8f3a3eea6
usersync
rtb.gumgum.com/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
sync
x.bidswitch.net/ 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.179.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-179-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=acC9uNGcyFYe&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=acC9uNGcyFYe&ev=1&pid=558355
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=acC9uNGcyFYe&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
usersync
rtb.gumgum.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=0b41250e-3f31-4fd1-926c-4fe9710ed238
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=0b41250e-3f31-4fd1-926c-4fe9710ed238
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=0b41250e-3f31-4fd1-926c-4fe9710ed238
date
Mon, 10 Jan 2022 15:36:00 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
9.gif
id5-sync.com/s/441/ 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.183 , France, ASN16276 (OVH, FR),
Reverse DNS
p08.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:35:59 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
usersync
rtb.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=1899464560870372694
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=1899464560870372694
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:00 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6731c9f9-0e90-4353-b46b-3e098be91105
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=1899464560870372694
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
services
sync.technoratimedia.com/ 		0
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=90&uid=0cf87ec8-f669-4bc0-9e9d-61689914b320&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsynacor%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%5BUSER_ID%5D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
320998009
access-control-allow-origin
https://crooksandliars.com/
access-control-allow-credentials
true
usa
sync.go.sonobi.com/ 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsonobi%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:00 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
0cf87ec8-f669-4bc0-9e9d-61689914b320
ex.ingage.tech/v1/sync/sovrn/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
  • https://ex.ingage.tech/v1/sync/sovrn/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=30b961211246323ef130f0ec
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/sovrn/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=30b961211246323ef130f0ec
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6cb6fa7ae80a374a-MXP

Redirect headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ex.ingage.tech/v1/sync/sovrn/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=30b961211246323ef130f0ec
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
0cf87ec8-f669-4bc0-9e9d-61689914b320
ex.ingage.tech/v1/sync/acuityads/
Redirect Chain
  • https://cs.admanmedia.com/sync/insticator_ssp?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%7B%24UID%7D
  • https://ex.ingage.tech/v1/sync/acuityads/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=18e646373b7f9f7e6fd2a32fa3ae10c0d31399c8
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/acuityads/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=18e646373b7f9f7e6fd2a32fa3ae10c0d31399c8
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6cb6fa7cabf8374a-MXP

Redirect headers

Location
https://ex.ingage.tech/v1/sync/acuityads/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=18e646373b7f9f7e6fd2a32fa3ae10c0d31399c8
Date
Mon, 10 Jan 2022 15:36:00 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
0cf87ec8-f669-4bc0-9e9d-61689914b320
ex.ingage.tech/v1/sync/bidswitch/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=0cf87ec8-f669-4bc0-9e9d-61689914b320
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=insticator
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=insticator
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e3ddabf9-0695-4a08-8cde-44688370592d&ssp=insticator
  • https://ex.ingage.tech/v1/sync/bidswitch/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=d0773446-703e-4748-9935-7778e55be987&gdpr=&gdpr_consent=&us_privacy=
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/bidswitch/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=d0773446-703e-4748-9935-7778e55be987&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6cb6fa814f04374a-MXP

Redirect headers

Location
//ex.ingage.tech/v1/sync/bidswitch/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=d0773446-703e-4748-9935-7778e55be987&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 10 Jan 2022 15:36:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame D788 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:26:13 GMT
x-content-type-options
nosniff
age
266987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:26:13 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame EC1E 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2736760022939282&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2575873076&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=0300AAAF-7E8C-485C-A53A-4E8BD8B605F9&nel=1&eid=44750604&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=about%3Ablank&dt=1641828960174&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=3228161691109968&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/csimpr/ Frame BF17 		35 B
471 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=46688788&csi=Ieg3VTwCEnfDGrOmMP3DByCZcMDSkJweIBoP8xSwoSDrygPkIxxfk8PvTaFBvTzZHGVB1lBsXzHRLWWHj62MiGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
45677495.jpg
s1.adform.net/Banners/45677495/ Frame BF17 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/45677495/45677495.jpg?bv=2
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
349f8aadb10eede699236f9a996020d6d634dffdba301e73d971f3aa05281b3d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
last-modified
Thu, 03 Jun 2021 09:17:39 GMT
server
nginx
etag
"60b89e33-74cf"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
29903
r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js
pagead2.googlesyndication.com/bg/ Frame 67F1 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 14:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
89075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13292
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Jan 2023 14:51:25 GMT
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
platform.twitter.com/embed/ Frame A41E 		383 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE6) /
Resource Hash
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE6)
Age
2746066
Etag
"28a37f9b17808aa66f17b1c227be059e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
96013
embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
platform.twitter.com/embed/ Frame A41E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.215918e9c83880e27bc2.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE9)
Age
2747377
Etag
"c247e426d2ec154064a87aaff54defce+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5857
embed.ondemand.Tweet.e3e733bb7e8701cd3aaa.js
platform.twitter.com/embed/ Frame A41E 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.e3e733bb7e8701cd3aaa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF2) /
Resource Hash
b70a2e8691e6a71a2a41f52c0ce2140b420fe995fbfa64d1727e8d4255dc5ebf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 19:46:17 GMT
Server
ECS (mil/6CF2)
Age
330515
Etag
"7284bcab05295aac35e33b62038b8469+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
15709
usertracking
b2c.instiengage.com/v3/pages/ Frame 9242 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.instiengage.com/v3/pages/usertracking
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/d47cea7d-c40d-45b2-a173-70bcd6633df5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.142.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-142-247.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
16d094af-dabf-4109-96d0-660c7d65b0f9
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
bannon-s-anti-vax-correspondent-blames-his
crooksandliars.com/2022/01/ 		16 B
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his?checkupdates=1641828960322
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/sites/all/themes/cl_theme21/public/resources/theme21.js?v=d89e696ee944254344d8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
3ad88cfeb51231ef2c348b1fdf4af5dc9b828dc2e87546b1b01951063649f278

Request headers

Referer
https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
token, Content-Type
service-worker-allowed
/
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.215/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame F209 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.215/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-encoding
gzip
last-modified
Wed, 05 Jan 2022 15:01:11 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 11 Jan 2022 19:19:23 GMT
usermatch
ssum-sec.casalemedia.com/ Frame ABED 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187482&us_privacy=&gdpr_consent=&gdpr=1
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
514cc5597f0501916af66e54fc446da3d134a936f55295b408b73234799bc1fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|3|65|81|57|90|111|5
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1494
Expires
Mon, 10 Jan 2022 15:36:00 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:00 GMT
Connection
keep-alive
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9419 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 10 Jan 2022 05:53:44 GMT
expires
Tue, 11 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
34936
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F209 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bdb25de1aa97fe8cdfc5476db721396756d3300346e6a2863a6230899be149e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=228879631.1641828955&jid=1529734141&_u=aADAAUABAAAAAC~&z=1616364953
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=228879631.1641828955&jid=1529734141&_u=aADAAUABAAAAAC~&z=1616364953
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1641828958608&de=891387009598&m=0&ar=cc97a930ec1-clean&iw=bdef476&q=11&cb=0&ym=0&cu=1641828958608&ll=2&lm=0&ln=0&em=0&en=0&d=144849%3A167087%3A6589296%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1370%3A1370%3A0%3A1579&fs=195926&na=2033810206&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA62 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_X1n9CEMFJRte8GBXbcjzvd9QqEa-biqzjxplNdFykjj6KlzE3eoYl-EQKJHi3hs-SRSVH3WLvdshAiXYIa7X2dBwp-TzLwz6oMinnsjQHmVjxWR_-w&sai=AMfl-YRUDzadaSgUjnf4hK0zsrB7A0qK-07JtGOyUDkZP5ADL19WdfHW8NXzDQRg2jaXeUfV-zbz7KmihkSAUqpHBnsJIMPRhKoMD4ex2rX-vXUqGgWTLxME5yG_kzs&sig=Cg0ArKJSzCzR-_kmp2sDEAE&cid=CAASF-Roy36gfWUA3ARupo4jrWvc9S-0efoL&id=ampim&o=1055,828&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1289&mtos=0,0,1289,1289,1289&tos=0,0,1289,0,0&tfs=921&tls=2210&g=62.00000047683716&h=62.00000047683716&tt=2210&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3583374100
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js
pagead2.googlesyndication.com/bg/ Frame 8A12 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/r8nbwAJIoZCxWYvDNzL2FR480laaoV7LX6_itKNPK9o.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 14:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
89075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13292
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Jan 2023 14:51:25 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
v2cbaiGnkfsC-t_kAshj-OJX6qRiN0Dx0qZTVJlCAXHHK1fRG6AAxcIe5ONzHfRB12XE8SKoGWHes3qpzUg
glisteningguide.com/ 		209 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/v2cbaiGnkfsC-t_kAshj-OJX6qRiN0Dx0qZTVJlCAXHHK1fRG6AAxcIe5ONzHfRB12XE8SKoGWHes3qpzUg
Requested by
Host: glisteningguide.com
URL: https://glisteningguide.com/v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
c9eea1b694f6cefdb979aa9f57be5abe565d198ec9a60b7911d5726486409555
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Mon, 10 Jan 2022 15:36:00 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
26187baf
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
209
expires
Mon, 10 Jan 2022 15:35:59 GMT
abt
capi.connatix.com/tr/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
/
track.adform.net/csimpr/ Frame 6776 		35 B
471 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=36796705&csi=lfIDc2sVVP_dYPDMSZeUFYPutCJx0lrM4LM0drfOelzrygPkIxxfkz1HBnU_TJGtVMzQDobrq49PagGWBwAFpGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
45358436.gif
s1.adform.net/Banners/45358436/ Frame 6776 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/45358436/45358436.gif?bv=2
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f1ba5ca9ae3eebdc575cda57fbce8793068707ae93cc750abab1216e8d36fa5d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
last-modified
Mon, 24 May 2021 19:41:11 GMT
server
nginx
etag
"60ac0157-8392"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
33682
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame AC65 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 10 Jan 2022 15:36:00 GMT
Age
21550295
X-Served-By
cache-lga21980-LGA, cache-hhn4070-HHN
X-Cache
HIT, HIT
X-Cache-Hits
194520, 683875
X-Timer
S1641828961.796310,VS0,VE0
Vary
Accept-Encoding
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 6BB4 		241 B
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1641828955263&secure=true&version=9&mobile=false&title=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.147.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-147-122.compute-1.amazonaws.com
Software
/ Express
Resource Hash
b796165ed3148a5530acf9ab582506a9c43f81c62aba9ac6c57c3bd8c5662e97

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-type
text/html; charset=utf-8
content-length
241
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"f1-qkJslwhNzUbeBFinzYy9/wAy3pY"
check.html
biddr.brealtime.com/ Frame 605E 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
64a2/mMiEAEcE6A0Bt+2Erlf5G8/Vr6F+aKm35SudGm/mhDDMsfdh3kdR47hqOgX9Nj5IT4Nh94=
x-amz-request-id
WMCZ1XWCTS57FSV5
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
2448
Expires
Mon, 10 Jan 2022 15:37:00 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6cb6fa7d1b1a40c9-CDG
Content-Encoding
gzip
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3B26 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

last-modified
Tue, 19 Oct 2021 10:00:01 GMT
etag
"1302647-96ae-5ceb1b98ba7c4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13882
content-type
text/html; charset=UTF-8
cache-control
public, max-age=31485
expires
Tue, 11 Jan 2022 00:20:45 GMT
date
Mon, 10 Jan 2022 15:36:00 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C3FA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 Jan 2022 15:36:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
integrator.js
adservice.google.com/adsid/ Frame 3C9B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
getuid
secure.adnxs.com/ Frame EBD8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EBD8 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:74fc:7750:9e36:ae36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame EBD8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAF_dE7DuKUAAEFooMAXfw&expiration=1643038561&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAF_dE7DuKUAAEFooMAXfw&expiration=1643038561&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:01 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAF_dE7DuKUAAEFooMAXfw&expiration=1643038561&gdpr=1
Date
Mon, 10 Jan 2022 15:36:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame EBD8 		85 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1641828961.080224,VS0,VE81
x-served-by
cache-cdg20770-CDG
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame EBD8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6947168936938911157
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6947168936938911157
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:01 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=6947168936938911157
pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame EBD8
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:02 GMT

Redirect headers

date
Mon, 10 Jan 2022 15:36:01 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
pixel
cm.g.doubleclick.net/ Frame EBD8 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0cf87ec8-f669-4bc0-9e9d-61689914b320
ex.ingage.tech/v1/sync/ix/ Frame EBD8 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-ray
6cb6fa7ec8f5374a-MXP
usync.js
eus.rubiconproject.com/ Frame A798 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44740
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Tue, 11 Jan 2022 04:01:40 GMT
um
u-ams02.e-planning.net/ Frame 956D
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dd952d2dc72c9603b
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=d952d2dc72c9603b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=d952d2dc72c9603b
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=d952d2dc72c9603b
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 956D 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 09 Jan 2027 15:36:00 GMT
prebid
rtb.openx.net/sync/ Frame 956D 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dd952d2dc72c9603b%26uid%3D%24%7BUID%7D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
drmkdqo61kovd183lomt5tib7mdsibct
ptag
a.audrte.com/ Frame 956D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.222.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-222-206.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1eab91be691fbe6e9b973e814c30249e2c1db45a4edb65884adb0924fe428cee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:01 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1680
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 956D 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 09 Jan 2027 15:36:00 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 956D
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dd952d2dc72c9603b
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
date
Mon, 10 Jan 2022 15:36:01 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 956D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dd952d2dc72c9603b%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d952d2dc72c9603b&uid=1899464560870372694
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d952d2dc72c9603b&uid=1899464560870372694
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:01 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1ef92a65-00c8-4d5a-94d8-7dbd8b76b206
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d952d2dc72c9603b&uid=1899464560870372694
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame FE73 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44739
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Tue, 11 Jan 2022 04:01:40 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1641828958616&de=386977822700&m=0&ar=cc97a930ec1-clean&iw=bdef476&q=14&cb=0&ym=0&cu=1641828958616&ll=2&lm=0&ln=0&em=0&en=0&d=144849%3A167087%3A6489770%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1370%3A1370%3A0%3A1579&fs=195926&na=1190236671&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 57C0 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156512&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/csimpr/ Frame F209 		35 B
494 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=36796708&csi=Ye6wUnpl7lBTHNFDQnAtueVR68Ca8_MS7vr6wHdDkh7ZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:01 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
41278445.gif
s1.adform.net/Banners/41278445/ Frame F209 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/41278445/41278445.gif?bv=2
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2c3c2d7dd5ca1f4534c63319a72806487aeb5b74f094056798aad56dedd94d3d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
last-modified
Tue, 23 Nov 2021 14:59:57 GMT
server
nginx
etag
"619d01ed-4505"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
17669
sync
ups.analytics.yahoo.com/ups/55940/ Frame ABED 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187482&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame ABED
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187482&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:01 GMT

Redirect headers

Date
Mon, 10 Jan 2022 15:36:01 GMT
Server
MT3 4133 baa842e master zrh-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=ee3861dc-525e-4500-ba51-154383c5c538&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 15:36:00 GMT
rum
dsum.casalemedia.com/ Frame ABED
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641915361&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641915361&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187482&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:02 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1641915361&gdpr=1
pragma
no-cache
date
Mon, 10 Jan 2022 15:36:01 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame ABED
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=VrfcelW0jXtN54orAr6VKlHgiCFNtI8gVLMdo9-_
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=VrfcelW0jXtN54orAr6VKlHgiCFNtI8gVLMdo9-_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187482&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:01 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=VrfcelW0jXtN54orAr6VKlHgiCFNtI8gVLMdo9-_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ABED
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2019934808504257040
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2019934808504257040
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187482&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:02 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2019934808504257040
Date
Mon, 10 Jan 2022 15:36:01 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
no_match_opted_out
um.simpli.fi/ Frame ABED
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187482&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 10 Jan 2022 15:36:01 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Mon, 10 Jan 2022 15:36:01 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 09 Jan 2022 15:36:01 GMT
match
c1.adform.net/serving/cookie/ Frame ABED 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187482&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:01 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ix
ad4m.at/ad/sim/ Frame ABED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187482&us_privacy=&gdpr_consent=&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame ABED 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187482&us_privacy=&gdpr_consent=&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:01 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1490
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 16:00:51 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 4ADF
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-10-151.compute-1.amazonaws.com
Software
/
Resource Hash
09d7f52f9853a4bceabae389f3a70b61a292b7d5c8280b7276ed73a917503ea1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 10 Jan 2022 15:36:01 GMT
pragma
no-cache

Redirect headers

date
Mon, 10 Jan 2022 15:36:01 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
async_usersync
ib.adnxs.com/ Frame 95B2 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:01 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
50178906-213d-4cf0-8147-9a85b40fdae5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 1492
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 Jan 2022 15:36:01 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Mon, 10 Jan 2022 15:36:01 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 020F 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dd952d2dc72c9603b%26uid%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=59797
expires
Tue, 11 Jan 2022 08:12:38 GMT
date
Mon, 10 Jan 2022 15:36:01 GMT
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 6F77 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
088e29b57af9f0dba09c8f44bc0259822e55ada489ef8352908ea809fb6b2a96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
64|41|47|105|206|195|188|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1485
Expires
Mon, 10 Jan 2022 15:36:01 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:01 GMT
Connection
keep-alive
ads
pubads.g.doubleclick.net/gampad/ Frame 8989 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4010378033741942&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3790153939&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=8C003BA7-F2EB-4E05-A52C-8024E13FDF4B&nel=1&eid=420706097%2C44750604%2C44750823&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&dlt=1641828954568&idt=3816&dt=1641828961178&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=3932636542720019&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
abt
capi.connatix.com/tr/ Frame 3C9B 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:00 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
activeview
pagead2.googlesyndication.com/pcs/ Frame 2EE3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXW0u8bvDAwi6e-tlZtTb7haWpo6IHHmAJOuRhPVFlm0_HIfwBshAfQ4GoKSguu7Mq-811j2CK4NHQYcRwP6lXJrM81hF2SybVCpnFOLUnhmVAOeYq_w&sai=AMfl-YRVWeofwwgQNEjmqhk1c_ol975kPbr_Oqjr3aFTZzkSk-SsUFACyBLs5uczwPDRICL3rqDDGEbgF562&sig=Cg0ArKJSzG_E_TmW7ibPEAE&id=lidar2&mcvt=1400&p=0,0,124,1005&mtos=1400,1400,1400,1400,1400&tos=1400,0,0,0,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641828957315&rpt=2661&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 97A0 		4 KB
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8eb55a5a836670be78c05907572caf0901b0f7f627f4af90e3949eec45a0cd76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://soapps.net/
Origin
https://soapps.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 15:36:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:36:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:36:01 GMT
73afd1a3-67ba-4903-9d0c-b6d7168df690
static.instiengage.com/comments-service/images/69a75830-25c2-11eb-9ed2-87bb071a9ad5/ Frame 97A0 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/images/69a75830-25c2-11eb-9ed2-87bb071a9ad5/73afd1a3-67ba-4903-9d0c-b6d7168df690
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f595aad54b0770323cfc1a7b544d992ab6dea7a85ab698712243913f53bfbfbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jan 2022 02:09:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"ea212529e57a6fbbfa1a8278ff2160ce"
x-cache
Miss from cloudfront
x-amz-version-id
BNRKQ0RzADiDaTbLhhZ0nhdunY1f2rer
accept-ranges
bytes
content-type
image/jpeg
content-length
73057
x-amz-cf-id
vA2v4dYDHbYUZ7ehEGC4UgPElCfrDbJArYAImvpzKoWUehsoT2FxAg==
ads
pubads.g.doubleclick.net/gampad/ Frame 5F3B 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1855859872802605&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=4005993418&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=F7541C89-DB31-4253-9C98-A0E4DBEB93FD&nel=1&eid=44750604%2C44752657&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=about%3Ablank&dlt=1641828954740&idt=4317&dt=1641828961856&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=2624585229864918&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tweet
cdn.syndication.twimg.com/ Frame AFD7 		952 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1479530205513351170&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
048a133d4651b77595e7fcbb30d01cafe69c887c9af5beda4d71cae4c300b754
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"3b8-0eTeTCsMLwkRJ8NgMGWz101vBpE"
x-powered-by
Express
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
content-length
631
x-xss-protection
0
x-response-time
160
server
tsa_f
x-frame-options
SAMEORIGIN
date
Mon, 10 Jan 2022 15:36:02 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
b96d159288c3380b708fe2683d9d9c2dce69b199099c40fc93ae8963dfe01ef6
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
tweet
cdn.syndication.twimg.com/ Frame D222 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1479540381872271362&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
a6a1f1f8b7123f3df0bd479f657c951c6dfd5e3c9c22b0bf897efea3e97b214e
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"789-WCIv96Mc6LXZSfXTkeMKpBL0ljk"
x-powered-by
Express
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-xss-protection
0
x-response-time
143
server
tsa_f
x-frame-options
SAMEORIGIN
date
Mon, 10 Jan 2022 15:36:02 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
67a1c138878585a8c964770524f4e165fabf53dcf365c36dca63b79126a88518
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
usync.js
eus.rubiconproject.com/ Frame C3FA 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44739
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Tue, 11 Jan 2022 04:01:40 GMT
css2
fonts.googleapis.com/ Frame 97A0 		4 KB
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8eb55a5a836670be78c05907572caf0901b0f7f627f4af90e3949eec45a0cd76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 15:36:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:36:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:36:02 GMT
truncated
/ Frame 97A0 		812 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3930c59a0de8f6716415416a01a3ef8ea72e4df5f9145d39f19164db53658d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5b40ab15c9b4fd99052ca5af37ce22f2379f8d2722d8e64f41bb3dc5389c75d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a8a07129f0d6c3c3ec92530b2fb31362c48bc4b6058f8d784c5df763232a0fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd6de22bea23412c07dea5014cb261e95a237556c30b6f3ec0a032d787faf0c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		721 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47f939d447b1f96bd45972df4f933992f168f2a4d34d981a225023cc0559f37b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca0d58f9456f1f20979712848b65b0311c245676094d710c2b274136b9ea5170

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf176d3ca578ff933382af1d53e31f4ea489f6fb170b4f9428c191d84bfc55c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de1d71710ebc6ffb20b84b7d507ecd8bb524210aa4d184cf139b16965cfd6911

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		881 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d64fcf3d7439beb92086ade76b81a353e72f4293fd0bdfcdc140fff05a7688f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
21fc94fa-4d9c-41f1-b325-c0a96a753311
static.instiengage.com/comments-service/images/39628ee0-3ee7-11eb-8b52-ddfe341506c4/ Frame 97A0 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/images/39628ee0-3ee7-11eb-8b52-ddfe341506c4/21fc94fa-4d9c-41f1-b325-c0a96a753311
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
147fdc981f995669d8cc3fb86665e6577c4010a20d6d89dcb3358816f5d943a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Sun, 09 Jan 2022 18:21:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"04048b216032827b8f11900087a356d2"
x-cache
Miss from cloudfront
x-amz-version-id
keMFLo91emp9_5JS0ctL2ajzFW80ozr7
accept-ranges
bytes
content-type
image/jpeg
content-length
21061
x-amz-cf-id
8rETeurTpU7F9NykyrumqCtyDphy16xupj5pTUnsq-j-5bdlJo5I6Q==
0150372c-b27b-4987-ae31-12e2a0efe01c
static.instiengage.com/comments-service/images/7d0ff6f0-5a94-11eb-a047-f1c870979c00/ Frame 97A0 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/images/7d0ff6f0-5a94-11eb-a047-f1c870979c00/0150372c-b27b-4987-ae31-12e2a0efe01c
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fae15250c020a98cd1e28cb1db970dd8116a80e43f395fff1f2f8530d808e869

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
nhlttZLobz37Du.NKg4AcP8pQ8ETELJM
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Sun, 09 Jan 2022 17:24:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"df35e60359fced97d4a2c752bcdd4d0e"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Mon, 10 Jan 2022 15:36:03 GMT
accept-ranges
bytes
content-length
113703
x-amz-cf-id
atjQndjEBWWGejGLofsjWyR2wLxzRSzTWOYZd1yMG--P-ViRZofnHA==
09890416-b984-422e-939c-8ddb84dc6c9f
static.instiengage.com/comments-service/images/69a75830-25c2-11eb-9ed2-87bb071a9ad5/ Frame 97A0 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/images/69a75830-25c2-11eb-9ed2-87bb071a9ad5/09890416-b984-422e-939c-8ddb84dc6c9f
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
903064921db670aa11375e08bf10fd18296b6bbe8e86496d89e3f1160b3d43ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
MjFhxVcZx9nbxT_fh7Dd0tovY1iwCO0M
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Sun, 09 Jan 2022 17:17:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"8058a39833ad7cda35e3865dd5bdf3d6"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Mon, 10 Jan 2022 15:36:03 GMT
accept-ranges
bytes
content-length
13938
x-amz-cf-id
1brAb1tvC4AQIs6S6UofuKluQzUEV18R-a7Aoe2kz8Y4_pI3ljdRMQ==
1966658d-6746-4f7b-bca7-a7c8e0d859f3
static.instiengage.com/comments-service/images/69a75830-25c2-11eb-9ed2-87bb071a9ad5/ Frame 97A0 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/images/69a75830-25c2-11eb-9ed2-87bb071a9ad5/1966658d-6746-4f7b-bca7-a7c8e0d859f3
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d77ba1508c7261da2ddeaaa98c7596cdf467aed4e0b68914d597316eb939e963

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
jXlbPPdFi_emSxd.yG5BGQRwcIQSZi0p
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Sun, 09 Jan 2022 17:15:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"7524920cbe7cf0d9eacdbee0d0339967"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Mon, 10 Jan 2022 15:36:03 GMT
accept-ranges
bytes
content-length
93532
x-amz-cf-id
mC3Wo4I1ZQQ6GIYN90ZYJjWk4Dybz6La-_iKiqkNVJWYoGyjz5-t3A==
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1641828958625&de=868605631901&m=0&ar=cc97a930ec1-clean&iw=bdef476&q=17&cb=0&ym=0&cu=1641828958625&ll=2&lm=0&ln=0&em=0&en=0&d=144849%3A167087%3A6584147%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1370%3A1370%3A0%3A1579&fs=195926&na=1605852498&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:02 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame FE73 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator&khaos=KY8UKI0F-Q-BGJM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Content-Type
image/gif
fltiu.js
pixel.yabidos.com/ Frame 6BB4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=crooksandliars.com
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1641828955263&secure=true&version=9&mobile=false&title=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:20:06 GMT
server
cloudflare
age
3045
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6cb6fa868fb05b38-FRA
content-length
1168
expires
Mon, 10 Jan 2022 17:36:02 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame 6BB4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=200dd76c-6183-49d6-9fb9-08410ca8a1c3
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=200dd76c-6183-49d6-9fb9-08410ca8a1c3
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1641828955263&secure=true&version=9&mobile=false&title=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
54.80.147.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-147-122.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=200dd76c-6183-49d6-9fb9-08410ca8a1c3
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
tweet
cdn.syndication.twimg.com/ Frame A41E 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_space_card%3Aoff&id=1479436233357119489&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.66e311263622456867b1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
94f2d998919340c0c7393bb4e8a41e58741417d9329255e39674a94a57d75729
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"72a-KcX8lLt/VY5uPgPv8kPF+Tu4wvs"
x-powered-by
Express
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
x-xss-protection
0
x-response-time
238
server
tsa_f
x-frame-options
SAMEORIGIN
date
Mon, 10 Jan 2022 15:36:02 GMT
vary
Origin, Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
7ba20eb1cca8ccd6c58b462553c1a400d654f579b9b7e25af932a2b254179bc9
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
usermatch
ssum.casalemedia.com/ Frame 89B6 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd952d2dc72c9603b%26uid%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e23f902d6e4516d77eb8bf9a88b89a790dc646af511cfd26f75768a77ef4c029

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
176|156|51|31|206|152|241|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1501
Expires
Mon, 10 Jan 2022 15:36:02 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
Connection
keep-alive
navegg_2022_01.html
i.e-planning.net/esb/4/1/3fb8/a54faea9d0608df9/ Frame 7F0E 		1 KB
981 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/a54faea9d0608df9/navegg_2022_01.html
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
83c0617525366a4c29fe5a998aaf4bbf72d3aa1dc2f48f032b5ab719ef171e33

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-type
text/html
content-length
618
x-cff
B
last-modified
Fri, 07 Jan 2022 17:55:34 GMT
etag
W/"61d87e96-5f2"
expires
Wed, 06 Jan 2027 18:06:40 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf-rand
6.770
x-cf3
H
cf4age
2
x-cf-tsc
1641578804
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
accept-ranges
bytes
server
CFS 0215
x-cf1
29080:dA.waw1:co:1585621119:cacheN.waw1-01:D
/
onetag-sys.com/usync/ Frame 0A02 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 24DC 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad74d61563c99368b518f7d5ac4d8165f6be7c2a6a5d3026bfd95cbb2add80c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://sync.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6fa866e3f59d1-MXP
content-encoding
br
709414.gif
id.rlcdn.com/ Frame A798 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame A798
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VUtJMEYtUS1CR0pN
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VUtJMEYtUS1CR0pN
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VUtJMEYtUS1CR0pN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dbbc2dbf689859fb5870b364473d5441
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A798
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPX8BZ7uhD5O-IzoSoJfdfI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPX8BZ7uhD5O-IzoSoJfdfI&google_cver=1
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPX8BZ7uhD5O-IzoSoJfdfI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame A798
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY8UKI0F-Q-BGJM&sigv=1&esig=2~0c7f4f978cb9e112e2bdc495f08927e2ce07d84d
0
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY8UKI0F-Q-BGJM&sigv=1&esig=2~0c7f4f978cb9e112e2bdc495f08927e2ce07d84d
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY8UKI0F-Q-BGJM&sigv=1&esig=2~0c7f4f978cb9e112e2bdc495f08927e2ce07d84d
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dbbc2dbf689859fb5870b364473d5441
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A798
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ee3861dc-525e-4500-ba51-154383c5c538&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ee3861dc-525e-4500-ba51-154383c5c538&expires=28
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5daa34953a867809056448757b76591b
Content-Type
image/gif

Redirect headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
MT3 4133 baa842e master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ee3861dc-525e-4500-ba51-154383c5c538&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 15:36:01 GMT
tap.php
pixel.rubiconproject.com/ Frame A798
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/U_4dgcJEwdpjty5bYjigQg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4155275327102725949
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4155275327102725949
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif

Redirect headers

date
Mon, 10 Jan 2022 15:36:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4155275327102725949
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame A798
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjgyZTc5OWNhNDkxYjgwYzhmNDVmODY3NmU5M2QwZjJjMDVkNWM0Yw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjgyZTc5OWNhNDkxYjgwYzhmNDVmODY3NmU5M2QwZjJjMDVkNWM0Yw
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjgyZTc5OWNhNDkxYjgwYzhmNDVmODY3NmU5M2QwZjJjMDVkNWM0Yw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dbbc2dbf689859fb5870b364473d5441
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A798
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdxSXgAElBbmSAAm
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdxSXgAElBbmSAAm
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641828962.329670,VS0,VE0
x-served-by
cache-cdg20770-CDG
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdxSXgAElBbmSAAm
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v2roiIN_E_W4A0QFHN-eG2BAsJIHEI1DBuOt3wzZnQtUKjwz9z3i6U4eBJnbR2N6B8EraSr7BU1kEp5daww
glisteningguide.com/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/v2roiIN_E_W4A0QFHN-eG2BAsJIHEI1DBuOt3wzZnQtUKjwz9z3i6U4eBJnbR2N6B8EraSr7BU1kEp5daww
Requested by
Host: glisteningguide.com
URL: https://glisteningguide.com/v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
d59d44534b47f73fe8b5b5c463f3ef53b22b3bd47816b8083e560cb1c8dab990
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
date
Mon, 10 Jan 2022 15:36:03 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
x-hostname
26187baf
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
1368
current
dclk-match.dotomi.com/match/bounce/ Frame 9419 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAkdHC0i0dskujThrNJ0Ou4&google_cver=1&google_push=AYg5qPJlymMlJe0kTnWedvUmLZv-dQ4DOCRz5Y2Nz1qdlFsfeorIA_DwvnsimA5DiipV2cGZYa5ogfgdPDzvEDneTymPbpuW1sZ1
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
dds
rtb.openx.net/sync/ Frame 9419 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEN6hPKBInx-fdOHBWRkmVf4&google_cver=1&google_push=AYg5qPIXFVBdUiqoL7752dwCzB7PyBaObqLmHKC2Y4-IjUWrfktX_iVwgf-1FtSSSDhHeB4MTNNK14wI90gg3QlqlmC9MXrpmoA
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
h7ecikhckno540p77bb6jl1700s7m6je
pixel
cm.g.doubleclick.net/ Frame 9419
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5oT16TsLS4uxS4VWt3JGnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5oT16TsLS4uxS4VWt3JGnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKbndW2Sd9HcnLreo9lkZZwMdG68QAnAUL21D0yuKCkdCnIUkPbL-ooyPS3ch8kE-ooKhPfI2EFh61QC87FrK6W7PYmfMgT
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5oT16TsLS4uxS4VWt3JGnQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKbndW2Sd9HcnLreo9lkZZwMdG68QAnAUL21D0yuKCkdCnIUkPbL-ooyPS3ch8kE-ooKhPfI2EFh61QC87FrK6W7PYmfMgT
date
Mon, 10 Jan 2022 15:36:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9419
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEpWsGQAWbkYY64liMMEfoM&google_cver=1&google_push=AYg5qPJIR62812JGrR5iH3J4c843amv1RQL3h-T8jOFU-l95bdq3OEH-tUvIAo1VuY8NakgawKH...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VUtJMEYtUS1CR0pN&google_push=AYg5qPJIR62812JGrR5iH3J4c843amv1RQL3h-T8jOFU-l95bdq3OEH-tUvIAo1VuY8NakgawKH_yOl9eN7c4SzwGzxfOVksukn9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VUtJMEYtUS1CR0pN&google_push=AYg5qPJIR62812JGrR5iH3J4c843amv1RQL3h-T8jOFU-l95bdq3OEH-tUvIAo1VuY8NakgawKH_yOl9eN7c4SzwGzxfOVksukn9
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1k4VUtJMEYtUS1CR0pN&google_push=AYg5qPJIR62812JGrR5iH3J4c843amv1RQL3h-T8jOFU-l95bdq3OEH-tUvIAo1VuY8NakgawKH_yOl9eN7c4SzwGzxfOVksukn9
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Expires
0
us
sync.go.sonobi.com/ Frame 9419 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJc1p8TAnDwaJTsxLJTjayyvuTGGt-ezPahVbTfZuvdbrHEmL_an-jnBHArtLd-WylM8ZbH99pYyibCFHnIuWkifoY9n1cp%26google_hm%3D%5BUID%5D&google_gid=CAESELSpZ1JHQOjcEIa7cWMDHmg&google_cver=1
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9419
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKxoWliVegjUP3JIDLmqSVQ&google_cver=1&google_push=AYg5qPIfG7LwdbTdfJ4NQAk3kLoSY24uN9u6USLjTmSt9btfcyrbMN3fDYuhJz_y7-DsUfk2U_Jc-cj4o-PjkO2Kp...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIfG7LwdbTdfJ4NQAk3kLoSY24uN9u6USLjTmSt9btfcyrbMN3fDYuhJz_y7-DsUfk2U_Jc-cj4o-PjkO2Kpl5PZwFSCpeT&google_hm=30b961211246323ef130f0ec
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIfG7LwdbTdfJ4NQAk3kLoSY24uN9u6USLjTmSt9btfcyrbMN3fDYuhJz_y7-DsUfk2U_Jc-cj4o-PjkO2Kpl5PZwFSCpeT&google_hm=30b961211246323ef130f0ec
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIfG7LwdbTdfJ4NQAk3kLoSY24uN9u6USLjTmSt9btfcyrbMN3fDYuhJz_y7-DsUfk2U_Jc-cj4o-PjkO2Kpl5PZwFSCpeT&google_hm=30b961211246323ef130f0ec
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ssbsync.smartadserver.com/api/ Frame 9419 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEO1dcAXon5-APjfrPBTQARQ&google_cver=1&google_push=AYg5qPI6SGsKUgk5zFiMzNn8xVobpW4GTi5hoKkF-9LeCtwe8cFF8zOIHHVo-LfUJc34HvdfAc0dwxViVY4gdDj8kkC-fYgToFuH
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9419 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JfNjbkfwZV_WcgzyhfFXZrokEpvNkPHTiuGM3uTlLd_p3TLJiEMYajyW5SND3_A8uPZTjq
Requested by
Host: d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
URL: https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
PugMaster
image6.pubmatic.com/AdServer/ Frame 3B26 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83236081&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
53123902e82d3866b54be6c77545d856b9a2ba7ca1a07f31d6b4181dd2ccfd1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1605
content-type
text/html; charset=UTF-8
contents
cms.instiengage.com/v3/ Frame D788 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.instiengage.com/v3/contents?embed_uuid=d47cea7d-c40d-45b2-a173-70bcd6633df5&cookie_id=null&content_order=RANDOM&for_embed=true&content_count=20
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/d47cea7d-c40d-45b2-a173-70bcd6633df5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
aea40ee29d20a605d1700651de80f47ac7741dfc4b2074817f7a2c222b766e90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:02 GMT
access-control-allow-credentials
true
content-length
17985
vary
Origin
content-type
application/json
async_usersync
ib.adnxs.com/ Frame 95B2 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8b678219-f85c-4aa2-8120-a084917d6e68
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
truncated
/ Frame 97A0 		836 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ea21fcaf145d663c5436dab743625556a2621d339a8e953eb5ea8c8ff7fc914

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
d9405173-540c-4983-9c96-a52f80a8cc29
static.instiengage.com/comments-service/images/e1785d30-13cc-11eb-a703-853f80042206/ Frame 97A0 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/images/e1785d30-13cc-11eb-a703-853f80042206/d9405173-540c-4983-9c96-a52f80a8cc29
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf6961f0eaa23456720fd5ac71dd70aeb468a5fafa4b4a7372027c924dbf5f8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Sun, 09 Jan 2022 18:49:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"6f47931fee0338b076d602a1ad650399"
x-cache
Miss from cloudfront
x-amz-version-id
OCFedK0nLBuIAzetVvX8mKijBq14BKBv
accept-ranges
bytes
content-type
image/jpeg
content-length
111934
x-amz-cf-id
X8hH516wXmgicT0qip83J9gA9HeIt22VY8fOipkruuiDcyR09VTL1w==
vendors~app.js
soapps.net/live/comments/static/ Frame 97A0 		2 MB
388 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/static/vendors~app.js?v=0.0.72
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
4db03aa022984d6d1aaf8d974052e001563b598b2d5431c88f463b3ac0cc5b9e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Last-Modified
Fri, 17 Dec 2021 18:48:06 GMT
Server
nginx/1.17.10
ETag
W/"190d67-17dc9b90670"
RequestId
db9ce10c-1f9e-4c7c-bfb9-f4d0a9cf4425
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
app.js
soapps.net/live/comments/static/ Frame 97A0 		294 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/static/app.js?v=0.0.72
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
96d6cf72c977b8465ce4a8dfc1db34cbac31e01f3f94cf2bde327c08e98a3648
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Last-Modified
Fri, 17 Dec 2021 18:48:06 GMT
Server
nginx/1.17.10
ETag
W/"49805-17dc9b90670"
RequestId
7290e369-989e-49e1-94af-f2617ab2755a
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
sync
eb2.3lift.com/ Frame 7C38
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
4fb768542d08fc59e0564e5caf6ba0ea254588001bc4b78e52147ddac7e60972

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-type
text/html; charset=utf-8
content-length
456
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usersync.html
cdn.undertone.com/js/ Frame BD2E 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7400:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dc1d1b418bfb18f455005f0eb43c89dae82cf1280af88b91d8933f26b9d6361

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

content-type
text/html
date
Sun, 09 Jan 2022 15:49:22 GMT
x-amz-replication-status
COMPLETED
last-modified
Wed, 05 Jan 2022 10:17:25 GMT
etag
W/"f520ddb6218bcc07733678cd5d317567"
x-amz-version-id
ylgGIYdArb1ivZtEz34sGgXRJt60mmyU
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
S0wEHUf4cU58TxBJSLTyLcp4BBFppqYqKCA7chxJh-fio2Iu67LVlQ==
age
85601
pd
u.openx.net/w/1.0/ Frame 746A 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.0.0
date
Mon, 10 Jan 2022 15:36:02 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2
de.tynt.com/deb/ Frame 93B4 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=cz9gnCic0r6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cache-control
max-age=86400
expires
Tue, 11 Jan 2022 15:36:02 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 10 Jan 2022 15:36:02 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 9B36 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=ch-UKEic0r6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cache-control
max-age=86400
expires
Tue, 11 Jan 2022 15:36:02 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 10 Jan 2022 15:36:01 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.46e12661dbb2b14c5a43.js
platform.twitter.com/embed/ Frame D222 		146 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.46e12661dbb2b14c5a43.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE6) /
Resource Hash
817f24491ee782887a93ac57e51e2d055224b2b47259664675cf59c80491510b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE6)
Age
2746068
Etag
"f2efeb4bea7eecfee95d070deaa0713a+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
37723
embed.vendors~ondemand.TweetVideo.838feb59e0bd1aca17b5.js
platform.twitter.com/embed/ Frame D222 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TweetVideo.838feb59e0bd1aca17b5.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF6) /
Resource Hash
efb4ee9d952dfc92350440acada2536d7246f1ad576e20ac4f0fdffb3cce081c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CF6)
Age
2747380
Etag
"78f39558c6fce552c50dbc429f81ede9+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
13183
embed.ondemand.TweetVideo.82fcf89aa55788551587.js
platform.twitter.com/embed/ Frame D222 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TweetVideo.82fcf89aa55788551587.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
d8690f36fe580430c8a28b6006fde816dee9aa330ac93ce8e23af15537763f10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Nov 2021 23:20:58 GMT
Server
ECS (mil/6CE9)
Age
2747354
Etag
"5d9a5aa9ed687d26818f862e5a213758+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1815
jot
syndication.twitter.com/i/ Frame D222 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1641828962458%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22CrooksandLiars%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22NewsHoundEllen%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%227682a19%3A1641492969721%22%2C%22item_ids%22%3A%5B%221479540381872271362%22%5D%2C%22item_details%22%3A%7B%221479540381872271362%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
111
pragma
no-cache
last-modified
Mon, 10 Jan 2022 15:36:02 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
822b764e599040dfe6fb65eec88c99a443962becfad9e71aed8f10e94e303c93
x-transaction
0bc1a1b4b777cd57
expires
Tue, 31 Mar 1981 05:00:00 GMT
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame D788 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
395
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Mon, 10 Jan 2022 15:34:05 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
2129
x-amz-cf-id
u8veivx1M2h6BgYnMRjozK2rhzRVljWNonG-CBX-Be9m072hZuNOkg==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame D788 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:26:13 GMT
x-content-type-options
nosniff
age
266989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:26:13 GMT
d0860d10-408b-11eb-8b52-ddfe341506c4.png
static.instiengage.com/auth-service/profile/39628ee0-3ee7-11eb-8b52-ddfe341506c4/ Frame 97A0 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/auth-service/profile/39628ee0-3ee7-11eb-8b52-ddfe341506c4/d0860d10-408b-11eb-8b52-ddfe341506c4.png
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26c646d0039ed7c861015503f11779e53e41edc1e9c620729f3cfa5784abef95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
jA1gtD7gQXl4w8IuKKP2Wy2Xl2KLeKcM
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 10:24:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"fd6b6631dbb450b3db6a28ab7626b093"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
date
Mon, 10 Jan 2022 15:36:03 GMT
accept-ranges
bytes
content-length
22596
x-amz-cf-id
53sBym3UzVxGBDI0nh3p5OjVN_kVCnrddvOLmTbCs5sb_QhukF2VhQ==
13%20-%20news.svg
static.instiengage.com/avatars/ Frame 97A0 		968 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/13%20-%20news.svg
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4182666b867c3a3a51a46d83c47655c8b6371ac57666a87d998e06bf4387771b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
5Mm33eg6KcLDGah576gVAwu8A6WBZLdb
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Mon, 22 Nov 2021 12:30:48 GMT
server
AmazonS3
age
453
etag
"62fd24cfe6cd321a1b07baf3119d06e5"
x-cache
Hit from cloudfront
content-type
image/svg+xml
date
Mon, 10 Jan 2022 15:31:07 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
968
x-amz-cf-id
qd0WE-zcllWE1lgk9b_kdDwqI3bVuMbY3UJZRCkBN645h0tREixBEw==
9fda7d10-22c5-11eb-800c-f7311e111e83.png
static.instiengage.com/auth-service/profile/e1785d30-13cc-11eb-a703-853f80042206/ Frame 97A0 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/auth-service/profile/e1785d30-13cc-11eb-a703-853f80042206/9fda7d10-22c5-11eb-800c-f7311e111e83.png
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
724cbce1a1c2578fb46d5f9a1400d76654cc184064a793508134372bcdbb7ec3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
o.phzpcRlA0vI7klQD7qWSiKW9YEP.da
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 10:26:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"7ec31a7789d387792d49b5629d6c42ad"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
date
Mon, 10 Jan 2022 15:36:03 GMT
accept-ranges
bytes
content-length
22580
x-amz-cf-id
NqSThT8NMV-k_TmZrZZjIXRCo379egNJiRZsf4aDbRW9vue7uUc5zw==
14%20-%20news.svg
static.instiengage.com/avatars/ Frame 97A0 		716 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/14%20-%20news.svg
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8745f08ab7e1f2986c6a6c6fe710f5f3289f05d8ea6f5a935630de85fae14db4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
hHllXUgHQFEEC04xX.MbumV.T7pJf7Qp
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Mon, 22 Nov 2021 12:30:38 GMT
server
AmazonS3
age
175
etag
"5edc02e2c06cfa93cfe37934c5e0b467"
x-cache
Hit from cloudfront
content-type
image/svg+xml
date
Mon, 10 Jan 2022 15:33:28 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
716
x-amz-cf-id
zf-3VSWwPOy0ar9lykYvi7LHkuLRs5ONfG78Ef3mxgsKJ1_r6dZDRA==
40931940-2ec1-11eb-bb89-f14dfe87f81b.png
static.instiengage.com/auth-service/profile/d6e82020-1517-11eb-9551-891c0e7c2f1a/ Frame 97A0 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/auth-service/profile/d6e82020-1517-11eb-9551-891c0e7c2f1a/40931940-2ec1-11eb-bb89-f14dfe87f81b.png
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52b651ec0b12dbeee0b4a867db39d362320383c372b7f02fc58eff1f54bca16f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
cLcsAzpV4iaK49tL_uXyy1Pcqu0I6fnx
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 10:34:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"e73490dabaf185a85e7b6829e45acc68"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
date
Mon, 10 Jan 2022 15:36:03 GMT
accept-ranges
bytes
content-length
13093
x-amz-cf-id
3oZM1dHoz0_HvqglDkOhbRLxXl7Le_aLsRXQrsEFtkjNtfqy5Lgdwg==
80712800-287b-11eb-becf-c90379cce595.png
static.instiengage.com/auth-service/profile/5c1dfd30-248d-11eb-ad56-47fe95f71f4a/ Frame 97A0 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/auth-service/profile/5c1dfd30-248d-11eb-ad56-47fe95f71f4a/80712800-287b-11eb-becf-c90379cce595.png
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1f421d21e296096c7938237a3164834899e3ea35867e6d2274fd249a9b3c5a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Q.2JHgY2PuQC9U4N8ZVrGgacQ_c3BdQA
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 10:58:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"4f0d38fecffd295bba75675fe3276413"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
date
Mon, 10 Jan 2022 15:36:03 GMT
accept-ranges
bytes
content-length
4038
x-amz-cf-id
O7GxnWWdiV5w4NZfteRi6_dQlb54cDnMXyi6YyUs9Q7y4w4H0c4GNQ==
11%20-%20news.svg
static.instiengage.com/avatars/ Frame 97A0 		1 KB
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/11%20-%20news.svg
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5de1d1b3bb2946f6e2a697ff3c94d88f9bc4622c34cb7945ff348314fe703c0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
xnmJ2rz5VDhAlqRIgCZw9EpUcPZryat2
content-encoding
br
last-modified
Mon, 22 Nov 2021 12:31:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
W/"74ad127eb7b9e59b496e1afc6c7eba25"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date
Mon, 10 Jan 2022 15:36:03 GMT
x-amz-cf-id
eHExYRfTD5loNEmQ0qvAokIfw5y9dUyBaSLtyeKtkgKh25COtQP6Ww==
36f43e90-22ba-11eb-8af6-b9da70d3a4e9.png
static.instiengage.com/auth-service/profile/5ac2c4a0-22b9-11eb-8af6-b9da70d3a4e9/ Frame 97A0 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/auth-service/profile/5ac2c4a0-22b9-11eb-8af6-b9da70d3a4e9/36f43e90-22ba-11eb-8af6-b9da70d3a4e9.png
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e97f0915bc0167c1d4ed42614c00dbe4dcbf184d25758d4bb884e7cbca4bf5df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
rkKCifEn_VU26jVlH98P17hjmqjFnSj8
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 10:26:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"8e0c113e2d7474718fbd838f6066b666"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
date
Mon, 10 Jan 2022 15:36:03 GMT
accept-ranges
bytes
content-length
21209
x-amz-cf-id
vr8NcS_4q5sUgTQgQEJxbk7zBNzK_kPaL2zFqpXsWZ0lViG2Ke_1pg==
651a9c90-b0c9-11eb-b749-992eaf386c18.png
static.instiengage.com/auth-service/profile/baaf57c0-2d27-11eb-b515-c1ea6e055577/ Frame 97A0 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/auth-service/profile/baaf57c0-2d27-11eb-b515-c1ea6e055577/651a9c90-b0c9-11eb-b749-992eaf386c18.png
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5368514f7f9a9efc7b4cf729244550cd5f2a97486cbc716efbdca256ba170f77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Jtrif9_oDOjnP3XWB.hCCycxFJeEBtdM
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 10:26:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"3962b289209c9b1cbadf75778f50fd5d"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
date
Mon, 10 Jan 2022 15:36:03 GMT
accept-ranges
bytes
content-length
21406
x-amz-cf-id
SmDdHExW6jHQLg5e-7uqmhrKrkqVMBUvn5UxY1g-K0YoDM7sk8-ZLA==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 97A0 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://soapps.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:26:13 GMT
x-content-type-options
nosniff
age
266989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:26:13 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v67/ Frame 97A0 		92 KB
92 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v67/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6963af239ecfb1f9722ba86fe3456a19c1d64a995295b3f3b220f5c8c22ef13a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://soapps.net/
Origin
https://soapps.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 18:14:44 GMT
x-content-type-options
nosniff
age
595278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94648
x-xss-protection
0
last-modified
Tue, 03 Nov 2020 05:39:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 03 Jan 2023 18:14:44 GMT
truncated
/ Frame 97A0 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4b3cc9023f3c8daabacc14c13478f50076e849e3657e31edb32b0fa70210f1f

Request headers

Referer
Origin
https://soapps.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 6F77
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1644420962
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1644420962
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:02 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:01 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1644420962
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
bridge
cm.adgrx.com/ Frame 6F77 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-9
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 6F77
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HDIcC3QZ1N6WIi5&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HDIcC3QZ1N6WIi5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:03 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-007d40ea11cf721ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=HDIcC3QZ1N6WIi5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6F77
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:02 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 10 Jan 2022 15:36:02 GMT
server
nginx/1.20.0
content-length
76
sync
ups.analytics.yahoo.com/ups/55940/ Frame 6F77 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 6F77
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-63fc2f0c-9e4d-481a-97d0-e04bf5c7691a
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-63fc2f0c-9e4d-481a-97d0-e04bf5c7691a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:03 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-63fc2f0c-9e4d-481a-97d0-e04bf5c7691a
date
Mon, 10 Jan 2022 15:36:03 GMT
server
Apache-Coyote/1.1
content-length
0
CookieIndex
rtb.adentifi.com/ Frame 6F77 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.220.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-220-63.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
crum
dsum-sec.casalemedia.com/ Frame 6F77
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2019934808504257040
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2019934808504257040
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:02 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2019934808504257040
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6F77 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YdxSXBt8uWyTtIAi9xXNZAAA%261142
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1489
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 16:00:51 GMT
cc.js
tags.crwdcntrl.net/c/15238/ Frame 956D 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 04:58:13 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
38270
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
x6SUAVkz4aGPBFxv79S1iVMpYPqV2tJ9LFgeN5zPsLj5daon2zVaYw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 0BF6 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

server
openresty
date
Mon, 10 Jan 2022 15:36:01 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sat, 09 Jan 2027 15:36:01 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
0cf87ec8-f669-4bc0-9e9d-61689914b320
ex.ingage.tech/v1/sync/eplanning/ Frame 7DCE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/eplanning/0cf87ec8-f669-4bc0-9e9d-61689914b320?uid=ACzM3Tf-N0gXLkvK
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
vary
Origin
access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6fa87eeb9374a-MXP
usync.js
eus.rubiconproject.com/ Frame 1492 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44738
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Tue, 11 Jan 2022 04:01:40 GMT
jot
syndication.twitter.com/i/ Frame AFD7 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1641828962555%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22CrooksandLiars%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22NewsHoundEllen%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%227682a19%3A1641492969721%22%2C%22item_ids%22%3A%5B%221479530205513351170%22%5D%2C%22item_details%22%3A%7B%221479530205513351170%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
108
pragma
no-cache
last-modified
Mon, 10 Jan 2022 15:36:02 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
822b764e599040dfe6fb65eec88c99a443962becfad9e71aed8f10e94e303c93
x-transaction
e6f2293f3d96515d
expires
Tue, 31 Mar 1981 05:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 3C9B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1641828958633&de=744470761490&m=0&ar=cc97a930ec1-clean&iw=bdef476&q=20&cb=0&ym=0&cu=1641828958633&ll=2&lm=0&ln=0&em=0&en=0&d=144849%3A167087%3A6501932%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1370%3A1370%3A0%3A1579&fs=195926&na=1561683517&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:02 GMT
crum
dsum-sec.casalemedia.com/ Frame 4ADF 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=2dfae52f-ce33-4f9b-a184-ace0ba3199f5&expiration=1649604961
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:02 GMT
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_question-loaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://crooksandliars.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
event
event.instiengage.com/v1/ Frame D788 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_question-loaded
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/d47cea7d-c40d-45b2-a173-70bcd6633df5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:02 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
3f5ed2b9-1550-435b-9c83-a179594cab72
static.instiengage.com/client_logos/ecf2723f-6eaf-4718-a72f-4d6205343dab/ Frame D788 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/client_logos/ecf2723f-6eaf-4718-a72f-4d6205343dab/3f5ed2b9-1550-435b-9c83-a179594cab72
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e10667a93b0cb2e23efa1f03b79c612419f7515fce81b9a968dfbae5d454481a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
TBWHK6EZfBs9iMkqBYge9dCI.G5cipy8
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 15:11:08 GMT
server
AmazonS3
age
372
etag
"8e11d93f80b2b8b4d0f72d722ea4bec8"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=3600,public
date
Mon, 10 Jan 2022 15:29:50 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
54747
x-amz-cf-id
A3mFQNy1IhGeNmaMVmEoxyJl1y_TU8hpr_gHZ6vo8jzdQ1O11p6-eg==
z0Lno9aMNpQ
static.instiengage.com/content_images/unsplash/ Frame D788 		555 KB
556 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/content_images/unsplash/z0Lno9aMNpQ
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
354dda008302b8ece37f73ccb0562cf6ec7ca2537a39c964e6b480bfd35dbb09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
U_oNHpljuRn9J7ye2w3gZztxxwORQjtO
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 15:00:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"1a6119a1ae9511219fcf06326137ddbc"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000,public
date
Mon, 10 Jan 2022 15:36:02 GMT
accept-ranges
bytes
content-length
568489
x-amz-cf-id
YZDnumRfud0n-XNErPHuDnuYmag1YPUJU0sZPMVt08yX7mcuUVK4pA==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame D788 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:26:13 GMT
x-content-type-options
nosniff
age
266989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:26:13 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame D788 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4691113
cf-ray
6cb6fa88f8fa5a1f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73852
x-amz-id-2
u2riI/8Fqi5waR7l+tYZO6Sl8cKuJz0eLacKGFvLNsaDD2+VU6nFzuTNW+mTjcS9jcll4ED6xlk=
last-modified
Wed, 30 Jun 2021 15:43:51 GMT
server
cloudflare
etag
"fb493903265cad425ccdf8e04fc2de61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhQduc%2BoaM1yGRFeZ1cFeR%2BkTLGbaflsLqPfvDndq9RM8lecA54bfeQDABp7mPb0sIWiJIVmeysoDwf5RxNYYVpSUcuw%2Fi3M44zd2lAXKK5Po8muwiLQ%2FG8YP2jF1XYTMRa%2BuFGPLy1yz%2BvX0nb1CNgj"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
BBB2FQ57ADB6J72M
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
st
capi.connatix.com/tr/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
async_usersync
secure.adnxs.com/ Frame AC65 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fc31ea6c-8d8b-4177-a113-5f435f508ee5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.46e12661dbb2b14c5a43.js
platform.twitter.com/embed/ Frame A41E 		146 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.TweetVideo.46e12661dbb2b14c5a43.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE6) /
Resource Hash
817f24491ee782887a93ac57e51e2d055224b2b47259664675cf59c80491510b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE6)
Age
2746068
Etag
"f2efeb4bea7eecfee95d070deaa0713a+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
37723
embed.vendors~ondemand.TweetVideo.838feb59e0bd1aca17b5.js
platform.twitter.com/embed/ Frame A41E 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TweetVideo.838feb59e0bd1aca17b5.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF6) /
Resource Hash
efb4ee9d952dfc92350440acada2536d7246f1ad576e20ac4f0fdffb3cce081c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CF6)
Age
2747380
Etag
"78f39558c6fce552c50dbc429f81ede9+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
13183
embed.ondemand.TweetVideo.82fcf89aa55788551587.js
platform.twitter.com/embed/ Frame A41E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TweetVideo.82fcf89aa55788551587.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE9) /
Resource Hash
d8690f36fe580430c8a28b6006fde816dee9aa330ac93ce8e23af15537763f10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Nov 2021 23:20:58 GMT
Server
ECS (mil/6CE9)
Age
2747354
Etag
"5d9a5aa9ed687d26818f862e5a213758+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1815
jot
syndication.twitter.com/i/ Frame A41E 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1641828962743%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-2%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22CrooksandLiars%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22NewsHoundEllen%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%227682a19%3A1641492969721%22%2C%22item_ids%22%3A%5B%221479436233357119489%22%5D%2C%22item_details%22%3A%7B%221479436233357119489%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
110
pragma
no-cache
last-modified
Mon, 10 Jan 2022 15:36:02 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
822b764e599040dfe6fb65eec88c99a443962becfad9e71aed8f10e94e303c93
x-transaction
ee955debd4d53418
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
c.mgid.com/pv/ 		0
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1641828962759787936341&uniqId=06b83&niet=4g&nisd=false&jsv=es6&ref=&cxurl=http%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&lu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=61dc5263-02353&pageView=1&pvid=17e44a1d1c79f58bdd9&site=696576&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/new1.crooksandliars.com.1105644.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6cb6fa89685e39f9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ Frame 97A0 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
229624ad9cd76da7a456326bfb601344e506ef08416fca467bbf5f2ac3f06948

Request headers

Referer
Origin
https://soapps.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
bntUvmvj_normal.jpg
pbs.twimg.com/profile_images/1407845803197149187/ Frame D222 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1407845803197149187/bntUvmvj_normal.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF6) /
Resource Hash
7544b5fa99487bcaca11c7f6904a6c0d693df80a986e7fd4b99a35505d4a8ac0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
x-content-type-options
nosniff
age
193578
x-cache
HIT
content-length
2263
x-response-time
110
surrogate-key
profile_images profile_images/bucket/7 profile_images/1407845803197149187
last-modified
Wed, 23 Jun 2021 23:37:30 GMT
server
ECS (mil/6CF6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1cb72d9f10f566749a600801abad2e462be6c262069f36869c9e29d01e397e00
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1492 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=KY8UKI0F-Q-BGJM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
getuid
ib.adnxs.com/ Frame 24DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=5cee30e4-3772-42d2-a35e-93162edcdcbd&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=5cee30e4-3772-42d2-a35e-93162edcdcbd&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8bad7f59d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=5cee30e4-3772-42d2-a35e-93162edcdcbd&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 24DC 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D5...
  • https://mwzeom.zeotap.com/mw?cid=200dd76c-6183-49d6-9fb9-08410ca8a1c3&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=200dd76c-6183-49d6-9fb9-08410ca8a1c3&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8b5cac59d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=200dd76c-6183-49d6-9fb9-08410ca8a1c3&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 24DC 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1641828963.965832,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19157-FRA
u
dmp.v.fwmrm.net/ad/ Frame 24DC 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:8bd3:480b:a39:d536 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 24DC 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf1dfc7-c982-4a77-5c87-d7146f2213f0%26reqId%3D575ae0a0-5588-416f-6d65-7adf8c2cc58d%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=efb5d118-3534-4068-a39b-033391ab0e99&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=efb5d118-3534-4068-a39b-033391ab0e99&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8dfbf959d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=efb5d118-3534-4068-a39b-033391ab0e99&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=73768553528570853683098214790666120184&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=73768553528570853683098214790666120184&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8d299559d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v026-07c19b1db.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
e3QWImbMSFM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=73768553528570853683098214790666120184&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 24DC 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-94039-0.387167001641828969-b393d9d5bb4272524866e19748dc95e9&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-94039-0.387167001641828969-b393d9d5bb4272524866e19748dc95e9&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8bcde059d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022011016-94039-0.387167001641828969-b393d9d5bb4272524866e19748dc95e9&zdid=533&env=mWeb
Date
Mon, 10 Jan 2022 15:36:09 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7051601680259414171&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7051601680259414171&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8b5cab59d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7051601680259414171&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 24DC 		95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=dbf1dfc7-c982-4a77-5c87-d7146f2213f0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=pj/r6D6V1XtaskZFYezJhu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-41...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=pj/r6D6V1XtaskZFYezJhu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8d196159d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
last-modified
Mon, 10 Jan 2022 15:36:03 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=pj/r6D6V1XtaskZFYezJhu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 24DC 		36 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.102 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=869932d30e106d0a3467deb1a3d587eb&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-55...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=869932d30e106d0a3467deb1a3d587eb&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8d299459d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=869932d30e106d0a3467deb1a3d587eb&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
cache-control
no-cache
x-server
10.45.6.242
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-8sS84KBE2ooTE3my1ZTCrtwKjl_q0w_NAA--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-8sS84KBE2ooTE3my1ZTCrtwKjl_q0w_NAA--~A&zpartnerid=570&env=mWeb
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8d195b59d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 10 Jan 2022 15:36:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-8sS84KBE2ooTE3my1ZTCrtwKjl_q0w_NAA--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vmclNxe6OiZYMhNbGF%2BlPhYWghGFCZfN%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vmclNxe6OiZYMhNbGF%2BlPhYWghGFCZfN%2BS41iYitP1U%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8d299059d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vmclNxe6OiZYMhNbGF%2BlPhYWghGFCZfN%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 24DC 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 24DC 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.164.220.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-220-10.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=46 t=1641828963
x-served-by
beacon-n004-pdx-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 24DC 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YdxSXgAElBbmSAAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7ad...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YdxSXgAElBbmSAAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8bcddd59d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1641828963.970338,VS0,VE80
x-served-by
cache-cdg20770-CDG
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YdxSXgAElBbmSAAm&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=ee3861dc-525e-4500-ba51-154383c5c538&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ee3861dc-525e-4500-ba51-154383c5c538&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa8debe259d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Server
MT3 4133 baa842e master zrh-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=ee3861dc-525e-4500-ba51-154383c5c538&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 10 Jan 2022 15:36:02 GMT
usermatch.gif
beacon.krxd.net/ Frame 24DC
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2c...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
35.164.220.10 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-220-10.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
cache-control
private, no-cache, no-store
x-request-time
D=23 t=1641828964
x-served-by
beacon-n018-pdx-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
date
Mon, 10 Jan 2022 15:36:03 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a009-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 24DC
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c8...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c8...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361&dcc=t
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZKV1RAW6MVG8MXBTWAJV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Q1HP5XV45RCB28H0AQBN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa912d6959d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Mon, 10 Jan 2022 15:36:03 GMT
Connection
keep-alive
Content-Length
0
BK-Server
fd08
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 24DC
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Ddbf...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ct=1&ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2F0cf87ec8-f669-4bc0-9e9d-61689914b320%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6cb6fa90ecad59d1-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
date
Mon, 10 Jan 2022 15:36:03 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 24DC 		557 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c8cd1053a9a2b6eac79d312fb5ff5c6c0f0891fb79aa909b16c7f919a9d2dd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cf-ray
6cb6fa8a9a4659d1-MXP
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 15:36:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
bntUvmvj_normal.jpg
pbs.twimg.com/profile_images/1407845803197149187/ Frame AFD7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1407845803197149187/bntUvmvj_normal.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF6) /
Resource Hash
7544b5fa99487bcaca11c7f6904a6c0d693df80a986e7fd4b99a35505d4a8ac0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
x-content-type-options
nosniff
age
193578
x-cache
HIT
content-length
2263
x-response-time
110
surrogate-key
profile_images profile_images/bucket/7 profile_images/1407845803197149187
last-modified
Wed, 23 Jun 2021 23:37:30 GMT
server
ECS (mil/6CF6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1cb72d9f10f566749a600801abad2e462be6c262069f36869c9e29d01e397e00
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
flimpobj.js
pixel.yabidos.com/ Frame 6BB4 		31 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1641828962718&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=lprgiopsj0ia&cid=1041
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=crooksandliars.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:20:06 GMT
server
cloudflare
age
3044
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6cb6fa8a0faf5b38-FRA
content-length
24217
expires
Mon, 10 Jan 2022 17:36:02 GMT
141
match.deepintent.com/usersync/ Frame F779 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Mon, 10 Jan 2022 15:36:02 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 6D18
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HDIcC3QZ1N6WIi5&gdpr=0&gdpr_consent=
42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HDIcC3QZ1N6WIi5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:36:02 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug017:0:683
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Mon, 10 Jan 2022 15:36:02 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:HDIcC3QZ1N6WIi5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0fb8f8c60b2bcfa88@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync
match.bnmla.com/ Frame 9B89 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 10 Jan 2022 15:36:02 GMT
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 5655
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:28A9F7F7046F40DD8AD113074412F1AD
1 B
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:28A9F7F7046F40DD8AD113074412F1AD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 10 Jan 2022 15:36:02 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug014:0:595
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Mon, 10 Jan 2022 15:36:02 GMT
content-type
text/html
content-length
138
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:28A9F7F7046F40DD8AD113074412F1AD
expires
Sun, 09 Jan 2022 15:36:02 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Artemis
aud.pubmatic.com/AdServer/ Frame 3B26
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E684F5E9-3B0B-4B8B-B14B-8556B772469D&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E684F5E9-3B0B-4B8B-B14B-8556B772469D&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E684F5E9-3B0B-4B8B-B14B-8556B772469D&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 3B26
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E684F5E9-3B0B-4B8B-B14B-8556B772469D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E684F5E9-3B0B-4B8B-B14B-8556B772469D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E684F5E9-3B0B-4B8B-B14B-8556B772469D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:00 GMT
frontend-id
11
location
/pubmatic/1/info2?sType=sync&sExtCookieId=E684F5E9-3B0B-4B8B-B14B-8556B772469D&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3B26 		95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6cb6fa8a18ce59d1-MXP
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 3B26
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Server
3.225.222.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-222-206.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3B26
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=033b22e7-722b-11ec-9250-59e8f3a3eea6&gdpr=0&gdpr_consent=
1 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=033b22e7-722b-11ec-9250-59e8f3a3eea6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:591
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=033b22e7-722b-11ec-9250-59e8f3a3eea6&gdpr=0&gdpr_consent=
Date
Mon, 10 Jan 2022 15:36:02 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
04ae6239-722b-11ec-ae79-1ff2334d488b
ads
pubads.g.doubleclick.net/gampad/ Frame A657 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1136567359258380&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2275327886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=E7BA1B30-65FC-4940-AE8C-F6022E62E5B5&nel=1&eid=44750604%2C44750822&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&dlt=1641828954568&idt=3743&dt=1641828962902&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=1458096565903946&ged=ve4_td8_tt6_pd8_la8000_er6771.475.6930.781_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
890
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=259200
cf-ray
6cb6fa8a79d301fc-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 13 Jan 2022 15:36:02 GMT
eligible
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwFYAMBSATAYQGwDMAZAgPYQBOAxgKZKgJEQCOSAjEVcALYAOwMAOawQ7NGwDseAJwAOIsEE0ocJACtG3UiDpoiAdxoAjBPBoxRBPOKIA3GKbgX2eACxtZWWdJR4JBaTY2aSIde1pnPyw3aVcCSRQsNiSUKxD+JXsafWcOBBpmCGUIy04AGxhlOCduGgQ4Hl4Xd09vPCxpAj0qCqrgXhhbGgpTUigkBsFiMJhaJBAgA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwEYDsBSATAYQKwDM2OAbHsQQBwBkCA9hAE4DGApkqAtRAI6rXNgAWwAOwGAHNYIVAAYCWEgBYAnNWATWUOEgBWXIXRDtZ1AO6sARgnisYMgiVkpqANxg2491MpSUslCp4JGgEKigoasbubN4hiqpKBOh4WChphCRqYprurGbeLgisPBBasTJKAgA2MFpwXkKsCHDCIj5KfgEqJFgqBAQ1ddrAIjCurIw2dFBIrRKD0TBsSCBAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwBYBMBSNBhArARi2wDYUAyBAewgCcBjAUyVATIgEcl8y7gBbAA7AYAc1gguABgDMaYgTLARDKHCQArVn0ogmksgHcGAIwTwGMCdOKTuANxhm4lrqXwAONO4CcuYgHZpb3x8bzJdB0YXALkUbxRpfH9cNHxU3GswoWUHBgMXbgQGdggVKIlcHgAbGBU4Zz4GBDh+AVcUDy9vYjRvaXI6GrrgARg7BhozSigkFpFpcIZIphAgA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame 89B6 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd952d2dc72c9603b%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
content-length
0
server
a
cookiesync
bttrack.com/pixel/ Frame 89B6 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd952d2dc72c9603b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:02 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
sync
x.bidswitch.net/ Frame 89B6 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd952d2dc72c9603b%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.179.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-179-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
noop
px.owneriq.net/ Frame 89B6
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6951153631002470371&uid=Q6951153631002470371&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd952d2dc72c9603b%26uid%3D
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 10 Jan 2022 15:36:03 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 89B6 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd952d2dc72c9603b%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 89B6
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=4d82d812-27dc-4dae-bda6-170f06a7d781
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=4d82d812-27dc-4dae-bda6-170f06a7d781
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd952d2dc72c9603b%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:03 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=4d82d812-27dc-4dae-bda6-170f06a7d781
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 89B6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd952d2dc72c9603b%26uid%3D
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
864WEP2XERNBY8X0H81Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6WD147BW2PA4V752YN6C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YdxSXBt8uWyTtIAi9xXNZAAABHYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 89B6
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd952d2dc72c9603b%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 10 Jan 2022 15:36:03 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 10 Jan 2022 15:36:03 GMT
server
nginx/1.20.0
content-length
76
um
u-ams02.e-planning.net/ Frame 89B6 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=d952d2dc72c9603b&uid=YdxSXBt8uWyTtIAi9xXNZAAA%261142
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd952d2dc72c9603b%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
server
openresty
content-type
image/gif
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REVCONTENT_DISPLAY1&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1641828958641&de=524359301179&m=0&ar=cc97a930ec1-clean&iw=bdef476&q=23&cb=0&ym=0&cu=1641828958641&ll=2&lm=0&ln=0&em=0&en=0&d=144849%3A167087%3A6589181%3Aundefined&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=revcontentdisplay556968265165&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1370%3A1370%3A0%3A1579&fs=195926&na=39800850&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:02 GMT
generic
match.adsrvr.org/track/cmf/ Frame 7C38 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=BARgT424p&dongle=u6nf
eb2.3lift.com/ Frame 7C38
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=BARgT424p&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=BARgT424p&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=BARgT424p&dongle=u6nf
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
alt-svc
clear
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 7C38 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7C38
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAwNTE2OTUxNzc3MDUxMzY5MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAwNTE2OTUxNzc3MDUxMzY5MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjAwNTE2OTUxNzc3MDUxMzY5MQ%3D%3D
date
Mon, 10 Jan 2022 15:36:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 7C38 		0
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2005169517770513691&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: D4735C3B834C4D51897F9824FB8B0630 Ref B: FRAEDGE1221 Ref C: 2022-01-10T15:36:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXVPBghK5eHrLRRMldAJQ==
xuid
eb2.3lift.com/ Frame 7C38
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2005169517770513691?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-XIXbRKpE2oRAFCFd8SACOTKvGNZD0zYsYJhXXQK7Vg--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-XIXbRKpE2oRAFCFd8SACOTKvGNZD0zYsYJhXXQK7Vg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 10 Jan 2022 15:36:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-XIXbRKpE2oRAFCFd8SACOTKvGNZD0zYsYJhXXQK7Vg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame 7C38 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=2005169517770513691&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.179.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-179-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 7C38 		42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2005169517770513691&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
etag
"f95a3e4769d2d71:0"
last-modified
Fri, 05 Nov 2021 17:19:23 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1D8A9475AB03483F8BE9801357349D37 Ref B: FRAEDGE1306 Ref C: 2022-01-10T15:36:03Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 7C38
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2005169517770513691
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2005169517770513691&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2005169517770513691&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
W3C9AMV71TRBMAMAWEDD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2005169517770513691&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 7C38
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
R0cKz3Gc_normal.jpg
pbs.twimg.com/profile_images/1416869035996758020/ Frame A41E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1416869035996758020/R0cKz3Gc_normal.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF2) /
Resource Hash
74451338e2c54133271452ebaf00ae652c31526b939675ff0af90678827a2e28
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
x-content-type-options
nosniff
age
66069
x-cache
HIT
content-length
2187
x-response-time
111
surrogate-key
profile_images profile_images/bucket/1 profile_images/1416869035996758020
last-modified
Sun, 18 Jul 2021 21:12:36 GMT
server
ECS (mil/6CF2)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
8445def3341d2ce0c6fa6f96258ae1e9d11f50fade931e2e1e096dec279e96fe
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
ads
pubads.g.doubleclick.net/gampad/ Frame B0DE 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=727034111141495&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2741841703&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=ABC5C6E5-ED3C-44B8-97F6-DE2E282980C5&nel=1&eid=44737473%2C44750604%2C44750824&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=about%3Ablank&dlt=1641828954740&idt=4359&dt=1641828962984&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=4030586094214230&ged=ve4_td8_tt6_pd8_la8000_er1664.502.1823.808_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 4CC7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 10 Jan 2022 15:36:03 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=12776
date
Mon, 10 Jan 2022 15:36:03 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame BD2E 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=$UID&cb=https://usr.undertone.com/userPixel/sync?partnerId=57&uid=$UID
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Last-Modified
Fri, 14 May 2021 17:23:43 GMT
Server
Apache
ETag
"0"
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Expires
Mon, 10 Jan 2022 15:36:03 GMT
sync
usr.undertone.com/userPixel/ Frame BD2E
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1899464560870372694
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1899464560870372694
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
52.70.120.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-120-137.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
X-Proxy-Origin
193.27.14.43; 193.27.14.43; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8939cb79-862c-4a0e-90fc-23d7b7021fe2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=1899464560870372694
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame BD2E 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
content-encoding
gzip
server
OXGW/17.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame BD2E
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP00faf6d4-722b-11ec-b92b-022355a5a232
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-lPe8AVhE2uFAusja4PgQzuCO8HNWDQb4~A~UP00faf6d4-722b-11ec-b92b-022355a5a232
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-lPe8AVhE2uFAusja4PgQzuCO8HNWDQb4~A~UP00faf6d4-722b-11ec-b92b-022355a5a232
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
52.70.120.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-120-137.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-lPe8AVhE2uFAusja4PgQzuCO8HNWDQb4~A~UP00faf6d4-722b-11ec-b92b-022355a5a232
date
Mon, 10 Jan 2022 15:36:03 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame BD2E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=200dd76c-6183-49d6-9fb9-08410ca8a1c3&ttl=1644420963
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=200dd76c-6183-49d6-9fb9-08410ca8a1c3&ttl=1644420963
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
52.70.120.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-120-137.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=200dd76c-6183-49d6-9fb9-08410ca8a1c3&ttl=1644420963
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame BD2E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame BD2E
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=18e646373b7f9f7e6fd2a32fa3ae10c0d31399c8
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=18e646373b7f9f7e6fd2a32fa3ae10c0d31399c8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
52.70.120.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-120-137.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=18e646373b7f9f7e6fd2a32fa3ae10c0d31399c8
Date
Mon, 10 Jan 2022 15:36:03 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
sync
usr.undertone.com/userPixel/ Frame BD2E
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DE684F5E9-3B0B-4B8B-B14B-8556B772469D
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
52.70.120.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-120-137.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=E684F5E9-3B0B-4B8B-B14B-8556B772469D
date
Mon, 10 Jan 2022 15:36:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame BD2E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
  • https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/no-consent
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/no-consent
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
52.70.120.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-120-137.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame BD2E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=$y-XrJM4dFE2uHSnpP6VhPvkeyoc6u1ii50hlJFWjM-~A
0
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=$y-XrJM4dFE2uHSnpP6VhPvkeyoc6u1ii50hlJFWjM-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Server
52.70.120.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-120-137.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=$y-XrJM4dFE2uHSnpP6VhPvkeyoc6u1ii50hlJFWjM-~A
date
Mon, 10 Jan 2022 15:36:03 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GS.d
js.cookieless-data.com/ Frame 0BF6 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fsync.e-planning.net%2F&s=&rand=1641828963044
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-83.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
st
capi.connatix.com/tr/ Frame 3C9B 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:02 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
content-encoding
br
cf-cache-status
HIT
age
2526
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
B9201827F81D32DC
x-amz-id-2
oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6cb6fa8b7ce839f9-CDG
expires
Tue, 11 Jan 2022 15:36:03 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
content-encoding
br
cf-cache-status
HIT
age
2527
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6cb6fa8b7cea39f9-CDG
expires
Tue, 11 Jan 2022 15:36:03 GMT
ad_page
ssp.behave.com/ 		20 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.behave.com/ad_page
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
cygnus
as-sec.casalemedia.com/ 		28 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1641828963117&s=382244&r=%7B%22id%22%3A%221641828963%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A5%2C%22playbackmethod%22%3A%5B2%5D%2C%22w%22%3A880%2C%22h%22%3A495%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%3Fdevice%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&fn=jsonp
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d373af1af4166280bf539db501154833cb695142d31b2d969f024e6749fea4fc

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
48
X-AK-CLIENT-GEO
12
Expires
Mon, 10 Jan 2022 15:36:03 GMT
cygnus
as-sec.casalemedia.com/ 		41 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1641828963118&s=382244&r=%7B%22id%22%3A%221641828963%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%3Fdevice%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
515256187aef2bd5da6fda3ee25e54a53fe2520bd375a692eb62c9226d793bf6

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
X-AK-CLIENT-GEO
12
Expires
Mon, 10 Jan 2022 15:36:03 GMT
cygnus
as-sec.casalemedia.com/ 		41 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1641828963118&s=382244&r=%7B%22id%22%3A%221641828963%22%2C%22imp%22%3A%5B%7B%22id%22%3A%223%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A550%7D%7D%2C%7B%22id%22%3A%225%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%226%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%3Fdevice%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
515256187aef2bd5da6fda3ee25e54a53fe2520bd375a692eb62c9226d793bf6

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
X-AK-CLIENT-GEO
12
Expires
Mon, 10 Jan 2022 15:36:03 GMT
cygnus
as-sec.casalemedia.com/ 		28 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1641828963119&s=382244&r=%7B%22id%22%3A%221641828963%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A4%2C%22playbackmethod%22%3A%5B2%5D%2C%22w%22%3A880%2C%22h%22%3A495%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%3Fdevice%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&fn=jsonp
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d373af1af4166280bf539db501154833cb695142d31b2d969f024e6749fea4fc

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
48
X-AK-CLIENT-GEO
12
Expires
Mon, 10 Jan 2022 15:36:03 GMT
cygnus
as-sec.casalemedia.com/ 		41 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1641828963119&s=382244&r=%7B%22id%22%3A%221641828963%22%2C%22imp%22%3A%5B%7B%22id%22%3A%227%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A550%7D%7D%2C%7B%22id%22%3A%229%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%3Fdevice%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
515256187aef2bd5da6fda3ee25e54a53fe2520bd375a692eb62c9226d793bf6

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
X-AK-CLIENT-GEO
12
Expires
Mon, 10 Jan 2022 15:36:03 GMT
cygnus
as-sec.casalemedia.com/ 		28 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1641828963120&s=382244&r=%7B%22id%22%3A%221641828963%22%2C%22imp%22%3A%5B%7B%22id%22%3A%228%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A4%2C%22playbackmethod%22%3A%5B2%5D%2C%22w%22%3A880%2C%22h%22%3A495%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%3Fdevice%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&fn=jsonp
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d373af1af4166280bf539db501154833cb695142d31b2d969f024e6749fea4fc

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.43], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
48
X-AK-CLIENT-GEO
12
Expires
Mon, 10 Jan 2022 15:36:03 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: api.bounceexchange.com
URL: https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwAsxAHAExUCcArKaQOwDM2wAXiFAAzYA7kgBGBNMCQB9NAijtS-YtgBOSAiAA2MYGhBwSS-gA9iNfoPUokq9aqh4Ahlq0YA5tJiqtUABbAwAAOBACk7ACCoTQAYtExuKogIADWBE6Ibk6qBAB0uCAAtvEWNDTxyvGiGXAGALQEdRl6dQBuTiZ1BXYaQQbIcMB1olpOhRp1fmgE2K3TktIFqWhIUKGsAELRNFpB2+FRZQHBYTSMkdGMsZexiclpGQhZOflFNzGl5Wexld8x1XBanAGk1Bmg2h0uiAegQ+ogkINhqNxo0pqcvgBhbaqfYXMr7VgAETw9xWa0262JSxSK2koBA0lGqncqxQLgISGwoiCAmwSGCUAA2gBdbBBQiOAqFIJZOC4GQoUbuKBAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Mon, 10 Jan 2022 15:36:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimages.newsmaxwidget.com%2Fimage%2Ffetch%2Ff_jpg%2Cq_auto%2Ch_150%2Cw_225%2Cc_fill%2Cg_face%3Aauto%2Fpg_1%2Fhttps%3A%2F%2Fmedia.newsmaxwidget.com%2Fcontent%2Fimages%2F6165111e2e8712-72997412.jpeg&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=3032.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958508&de=80176946616&cu=1641828958508&m=799&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=3032.515625&lb=8758&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=332&cd=0&ah=332&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A5813719%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=1594535563&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:03 GMT
embed.vendors~loaders.video.VideoPlayerDefaultUI~ondemand.TimelineList~ondemand.TimelineProfile.76ffc25d7d9a47518d9e.js
platform.twitter.com/embed/ Frame D222 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.VideoPlayerDefaultUI~ondemand.TimelineList~ondemand.TimelineProfile.76ffc25d7d9a47518d9e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE8) /
Resource Hash
15f8609c966aff96efa6c3a73e544369d2f8a2cf4b9745f162d69e06d6b04fdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE8)
Age
2747380
Etag
"868df4c288787d10cbada34cd96f8f47+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
4315
embed.vendors~loaders.video.VideoPlayerDefaultUI.5458c5c770eef67eb3ab.js
platform.twitter.com/embed/ Frame D222 		133 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.VideoPlayerDefaultUI.5458c5c770eef67eb3ab.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF3) /
Resource Hash
cdc269f3acfe8628f8868a3c59f97084877f263578b117e90e93ffd62518764a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CF3)
Age
2747380
Etag
"7771f4049b876e9a4b19aeeb3471b8b9+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
33635
embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
platform.twitter.com/embed/ Frame D222 		252 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE5) /
Resource Hash
1a4a46833ab1e9eebecf51246819e76342de29b3a0f96da7558d13d8539c0cd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479540381872271362&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE5)
Age
2747381
Etag
"9a59351a588a22676d3f57277b3d4489+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
75321
QfCTCjEanEgjlkU2.jpg
pbs.twimg.com/ext_tw_video_thumb/1479539965461626881/pu/img/ Frame D222 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1479539965461626881/pu/img/QfCTCjEanEgjlkU2.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEF) /
Resource Hash
f6cfaf3fd482204c13251e3e85a47b078726e23d10e6ef7d7957a64ae69fcc0b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
x-content-type-options
nosniff
age
244072
x-cache
HIT
content-length
91943
x-response-time
289
surrogate-key
ext_tw_video_thumb ext_tw_video_thumb/bucket/2 ext_tw_video_thumb/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECS (mil/6CEF)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7eeedd3b312cb6bf36b83ec0822874a70425d939529249f4479f7cbe0adfb047
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
cmp
spl.zeotap.com/ Frame 24DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6cb6fa8c4f4b59d1-MXP
vbl.gif
pre.glotgrx.com/ Frame 6BB4 		26 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1641828963393&rnd=lprgiopsj0ia&ifm=1&uai=1&cid=1041&s=crooksandliars.com&p=undefined&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:76c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:19:57 GMT
server
cloudflare
age
1708
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6cb6fa8dbfc03752-MXP
content-length
26
expires
Mon, 10 Jan 2022 17:36:03 GMT
nflrc.gif
pre.glotgrx.com/ Frame 6BB4 		26 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1641828963370667&ver=1.2r81&qid=83233313f553333313f513430313&p=undefined&s=crooksandliars.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=lprgiopsj0ia&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=8bc4b1d79e408f99c0da59b34ff29ffd&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=3&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=31&icp=https%253A//crooksandliars.com/&irfl=31&irf=https%253A//crooksandliars.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-18-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=32
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:76c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Jan 2022 14:19:57 GMT
server
cloudflare
age
4800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6cb6fa8dbfc33752-MXP
content-length
26
expires
Mon, 10 Jan 2022 17:36:03 GMT
embed.vendors~loaders.video.VideoPlayerDefaultUI~ondemand.TimelineList~ondemand.TimelineProfile.76ffc25d7d9a47518d9e.js
platform.twitter.com/embed/ Frame A41E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.VideoPlayerDefaultUI~ondemand.TimelineList~ondemand.TimelineProfile.76ffc25d7d9a47518d9e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE8) /
Resource Hash
15f8609c966aff96efa6c3a73e544369d2f8a2cf4b9745f162d69e06d6b04fdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE8)
Age
2747380
Etag
"868df4c288787d10cbada34cd96f8f47+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
4315
embed.vendors~loaders.video.VideoPlayerDefaultUI.5458c5c770eef67eb3ab.js
platform.twitter.com/embed/ Frame A41E 		133 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.VideoPlayerDefaultUI.5458c5c770eef67eb3ab.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF3) /
Resource Hash
cdc269f3acfe8628f8868a3c59f97084877f263578b117e90e93ffd62518764a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CF3)
Age
2747380
Etag
"7771f4049b876e9a4b19aeeb3471b8b9+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
33635
embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
platform.twitter.com/embed/ Frame A41E 		252 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f00b23f12ac431a9b357.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CE5) /
Resource Hash
1a4a46833ab1e9eebecf51246819e76342de29b3a0f96da7558d13d8539c0cd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=NewsHound%20Ellen&dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NwYWNlX2NhcmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1479436233357119489&lang=en&origin=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=4d18422db88527a4373075524b44338770582ea7&siteScreenName=Crooks%20and%20Liars&theme=light&widgetsVersion=9fd78d5%3A1638479056965&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Dec 2021 20:09:13 GMT
Server
ECS (mil/6CE5)
Age
2747381
Etag
"9a59351a588a22676d3f57277b3d4489+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
75321
qnT2NxEJpevgDJqs.jpg
pbs.twimg.com/ext_tw_video_thumb/1479436121222389763/pu/img/ Frame A41E 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1479436121222389763/pu/img/qnT2NxEJpevgDJqs.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF5) /
Resource Hash
d4bedc56dfbdc79492c1f85a37c069a4e817d6efb7591cd7b87616636c6cbfd9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:03 GMT
x-content-type-options
nosniff
age
268903
x-cache
HIT
content-length
70313
x-response-time
287
surrogate-key
ext_tw_video_thumb ext_tw_video_thumb/bucket/0 ext_tw_video_thumb/1479436121222389763
last-modified
Fri, 07 Jan 2022 12:51:52 GMT
server
ECS (mil/6CF5)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
d4050915b6396c3e6ec96206bc249055a091db586978892df8caf5b85ea0dd85
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwuANzgcQPNGBgBHAK4w8xMjhCr5UInngBOevQAeANgPS5i5TggF+ykCmDwAjMYAsz6gCZqu47WcvZwwwAgBjGHgAOQBBVhgQDlIKWLQQeTCbLigcKHkUJDgXNI0tCGT4fzQ8LnkwCPh1PDQwh1ACAHMtCmd6ZyZjXWo0joEhACtmlC42eHo0AHcYJEJicnhaU2CRAlX11w9vX0pjJlpdZ2ddeJ2I9dOvd103AKZKIKDKTevQUZ2YBb7aoWAR3CjGFocAhjGx2CBtFzuTw+Py0NxueZhKFjEDAAhiMCEbLweEdWg3cKRMhAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwCUAGYwYZNGBgBHAK4w8xMjhCr5UInngBOevQAelSvWlzFynBAL9lIFMHgBGAGwAWZ9QBM1Xa9pnb1oMMAIAYxh4ADkAQVYYEA5SCji0EHlwmy4oHCh5FCQ4F3SNLQgU+HdvNDwueTBI+HU8NHCHUAIAcy0KZ0ZvV0pndK6BIQArVpQuNngzAHcYJEJicnhaV3oRgDcCVfW3Tx8-SlcmWl1nZ10Evcj188H3XXdApkpvIOdKTdvQMZ7GALQ61CwCB4UFjhDgEcY2OwQDouDxeXz+WjuaptWHjEDAAg7OCEHLwJFdEJse5RMhAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
1
servicer.mgid.com/1105644/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1105644/1?pv=5&cbuster=1641828963442317214431&uniqId=06b83&niet=4g&nisd=false&jsv=es6&w=765&h=492&p3_w=247&p3_h=206&maxw_3=247&maxh_3=206&cols=3&ref=&cxurl=http%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&lu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&sessionId=61dc5263-02353&pageView=1&pvid=17e44a1d1c79f58bdd9&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/new1.crooksandliars.com.1105644.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
790af3ee5382e0055bf2b561b46957daeeab4c9720a406f8011db7e8d08aefb4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6cb6fa8daa1539f9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwBZAMYhgaMDACOAVxh5iZHCBVyoRPPACc9egA8AbPqmyFSnBAL8lIFMHgBGIwBYn1AEzUdR2k89PDDACURh4ADkAQVYYEA5SCmi0EDlRay4oHCg5FCQ4ZxT1TQhE+CNKNDwuOTAw+DU8NHEHEAIAc00KJ0ZPNx0U9oEhACsmlC42eHo0AHcYJEJicnhaEyc0ADcCJZWXdy8fSiMmWh0nJwG2bbCVk77XHVd-JkpPAKdKNYHQIe2YWZ7KrmAS3CjUZocAjDay2CD2Rz7DzeXy0VzPSHQwQSAibOCETLweHtWixG7hMhAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwuANzgcQPNGBgBHAK4w8xMjhCr5UInngjyMLtLmLlOCAX7KQKYPACMANgAsd6gCZqATge07b+hhgBADGMPAAcgCCrDAgHKQUUWgg8sHmXFA4UPIoSHD2yRpaEAlUAXhc8mCh8Op4aMHWoAQA5loUdvR2TA6e1MktAkIAVvUoXGzwAQDuMEiExOTwtA5daHoLS44u7l6UDky0nnZ2njF6oUsHbs6eTr5MlG5+dpQrZ6CDejDTW2h4xgElwoZ2CHAIQ3MlggTXszlcHm8tCcTgcDXBQxAwAIYjAhAy8BhLVo5xCYTIQA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwCUAGYwYZNGBgBHAK4w8xMjhCr5UInngBOevQAeANgPS5i5TggF+ykCmDwAjMYAsz6gCZqu47WcvNwwwAgBjGHgAOQBBVhgQDlIKWLQQeTCbLigcKHkUJDgXNI0tCGT4dzQ8LnkwCPh1PDQwh1ACAHMtCmdGL2NKZzSOgSEAK2aULjZ4ejQAdxgkQmJyeFpTIYA3AhW11w9vX0pjJlpdZ2ddeJ2ItdP+t103AKZKL0DnSg3r0BGdmDzfbVCwCO49OZhDgEUY2OwQNoudyeHx+WhuNwsKEwwQgYAELZwQjZeAIjq0G7hSJkIA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwBZAMYhgaMDACOAVxh5iZHCBVyoRPPACc9egA9KlelNkKlOCAX5KQKYPACMANgAsT6gCZqOl7ScvJwwwAlEYeAA5AEFWGBAOUgoYtBA5UWsuKBwoORQkOGdU9U0IJOcWPC45MHD4NTw0cQcQAgBzTQonRi93HVS2gSEAK0aULjZ4UwB3GCRCYnJ4Whd6YIA3AgWl1w9vX0oXJlodJyd+tk3wpaPetx03AKZKIKDKFf7QQc2YaZ20PDmATXLrBUQcAhDay2CD2Ry7Tw+Py0NxuahNCFDCQEdZwQhZeCwtq0OJXCJkIA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwCUAGYwYZNGBgBHAK4w8xMjhCr5UInngA3cjC7S5i5TggF+ykCmDwAjADYALPeoAmagE5Hte++cMMAIAYxh4ADkAQVYYEA5SCmi0EHkQiy4oHCh5FCQ4BxSNLQhEqns0PC55MDD4dTw0EJtQAgBzLQp7RndHSgqQNoEhACtGlC42eHo0AHcYJEJicnhaR3oK-SWVp1cPb0pHJlove3svWP0wlaPe5y9nPyZKd397SjWL0CH9GFmdyomATXLruJocAjDCxWCAtBwuNyeHy0Zz3cGQwQgYAEXRwQiZeCwtq0S6hcJkIA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwBZAMYhgaMDACOAVxh5iZHCBVyoRPPABu5GFymyFSnBAL8lIFMHgBGAGwAWO9QBM1AJwPadt24wwAlEYeAA5AEFWGBAOUgpItBA5UXMuKBwoORQkOHsk9U0IeKpaNDwuOTAQ+DU8NHEbEAIAc00KO0Y3Z08kloEhACt6lC42eHo0AHcYJEJicnhaB3o7ND15xccXdy9KByZaTzs7XrY9EMWD7qdPJ18mSjc-O0pl3tB+vRgprfLjASXDplUQcAgDcyWCDWWzbVweby0Jy3BpggYSAg6OCEdLwaEtMrnYKhMhAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwBZAMYhgaMDACOAVxh5iZHCBVyoRPPACcTegA8ATJXpTZCpTggF+SkCmDwAjADYALM+pHqO17WcjWgwwAlEYeAA5AEFWGBAOUgoYtBA5URsuKBwoORQkOBdU9U0IJPhaajQ8LjkwcPg1PDRxRxACAHNNCmdGIw8dVI6BIQArZpQuNngzAHcYJEJicgrXemc0ADcCJZW3T29fSlcmWh1nZ0G2bfCVk-73HXcApkojQOdKWldB0GHtmCzPbVCwCW49dwtDgEEY2OwQBxOfZeHx+WjuSgbUTQkYSAibOCELLwBEdYLXMIRMhAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczBgEcBXGQifCRAFseEEIODwAjADZGk+jQCc0qpPmZCAe05gAxjHggUhTLrGhEAcygUpABkkB2aYpqYQlmFAjwAVicFNNHg7TAB3GAAjYlJbKmkHTAA3RBjbGTkFRQBWaUcqRTVFTDQU-Vs8ullFRlVHbLpJRuz44tBPFJgw9I0Obihyykls0wAbRC8IAWFecylZeTolFUYGsYnvEGBEJLhiTSh4UUsqEpgygxQgA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczBgEcBXGQifCRAFseEEIODwAjADZGk+jQCc0qpMmLMhAPacwAYxjwQKQpj1jQiAOZQKUgAxU6sjSCswoEeACtTgrWjw9pgA7jAARsSkdlTS9pKYAG6IUXYycgqKAKzSAOxUimoaaMkGdnnOjIqMqrlZdJINWbEaoO7JMCFpmhzcUGWUMmYANogeEALCvBZSsvJ0SiqMWSx6o+MgwIiJcMRaUPCiVlSYJYgG8ChAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:02 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczBgEcBXGQifCRAFseEEIODwAjADZGk+jQCc0qpMmLMhAPacwAYxjwQKQpj1jQiAOZQKUgAxU60gKyTMIKzCgR4AK1NBLTR4e0wAdxgAI2JSOyppe3cAN0RYuxk5BUUXaQB2KkU1DTRUgzt850ZFRlU8lzpJRpcEjVAvVJhwjM0Obihyykk8swAbRG8IAWFeCylZeTolFUYXFzGJnxBgRGS4Yi0oeFErKkxSxAN4FCA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczBgEcBXGQifCRAFseEEIODwAjADZGk+jQCc0qpPmZCAe05gAxjHggUhTLrGhEAcygUpABip1ZizCEswoEeACsTgzWjwdpgA7jAARsSktlTSdpKYAG6IUbYycgqKAKzSAOxUimouaMn6tnlOjIqMqrlZdJINWbEuoO7JMCFpGhzcUGWU6roANogeEALCvOZSsvJ0SiqMOaaj4yDAiIlwxJpQ8KKWVJgliPrwKEA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczBgEcBXGQifCRAFseEEIODwAjADZGk+jQCc0qpLoAGTIQD2nMAGMY8ECkKZ9Y0IgDmUClPVU60gKyTMIazCgR4AKzNBbTR4TQB3GAAjYlJ7Kml1dwA3RBj7GTkFRRdpAHYqRUlJRUw0FMN7POdGRUZVXJc6NUkXeJLQLxSYMPStDm4oCspi8wAbRG8IAWFeSylZeTolFUYXXLGJnxBgRCS4Ym0oeFFrKlKYcqMUIA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimages.newsmaxwidget.com%2Fimage%2Ffetch%2Ff_jpg%2Cq_auto%2Ch_150%2Cw_225%2Cc_fill%2Cg_face%3Aauto%2Fpg_1%2Fhttps%3A%2F%2Fmedia.newsmaxwidget.com%2Fcontent%2Fimages%2F616d602687ea18-68788310.jpg&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2886.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958583&de=318595127800&cu=1641828958583&m=730&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2886.515625&lb=8758&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=311&cd=0&ah=311&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A5856622%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=1567405250&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:03 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8AjAzgdwGSkrMB9ZAlhDLgQCbwCMADAOwBM6YMAjgK4zIS4QEC2nCCD7AqANgAslABz1pATjEBmSpQCs6ZAHs2YAMYx4IMsnR7hoAgHMo5KtUq0x86ehBWYUCPABWpvlpkhtToqDAoRDB2SmIO6ABuBIS8FJSSMnLyamK0SvKq8uhBiQZ2OfSS8hIqtGr0lPVqMYWgHokwqHaUmqwcUKUU9CF6ADYEnhC8AlwW4lKyCsoS0rRmYxMgwATxcIRaUPBCVkpFMCWGZEA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
4.js
soapps.net/live/comments/static/ Frame 97A0 		232 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/static/4.js
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/static/app.js?v=0.0.72
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
420643ecb93acc621299cc1676638c51bae2f11498301a1aa96ed4cd4ec80056
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Last-Modified
Fri, 17 Dec 2021 18:48:06 GMT
Server
nginx/1.17.10
ETag
W/"3a13d-17dc9b90670"
RequestId
4cbd7093-693e-4ec3-92f9-8ae526867c1c
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
5.js
soapps.net/live/comments/static/ Frame 97A0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/static/5.js
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/static/app.js?v=0.0.72
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
5b03de173c6e0b673d00c0408ef34b0b01ebd58aba228c13cf111bae2149dbd2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Last-Modified
Fri, 17 Dec 2021 18:48:06 GMT
Server
nginx/1.17.10
ETag
W/"434a-17dc9b90670"
RequestId
1f2c4bc5-5397-48b5-9c9c-f8371ceb9cd7
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
usync.js
eus.rubiconproject.com/ Frame 4CC7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44737
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Tue, 11 Jan 2022 04:01:40 GMT
bid_empty
events.bouncex.net/track.gif/ 		42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_empty?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczBgEcBXGQifCRAFseEEIODwAjADZGk+jQCc0qpMkB2TIQD2nMAGMY8ECkKZ9Y0IgDmUClIAMG6YpqYQ1mFAjwAVmcFtNHgHTAB3GAAjYlJ7KmknTAA3RBj7GTkFRQBWaXUqRTVFTDQUw3s8ullFRlV1bLpJRuz44tBPFJgw9K0ObihyykbzABtELwgBYV5LKVl5OiUVRSpNfTGJkGBEJLhibSh4UWsqEpgyoxQgA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:03 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
jot
syndication.twitter.com/i/ Frame D222 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1641828963940%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22CrooksandLiars%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22NewsHoundEllen%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%227682a19%3A1641492969721%22%2C%22item_ids%22%3A%5B%221479540381872271362%22%5D%2C%22item_details%22%3A%7B%221479540381872271362%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A5841.099998474121%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Mon, 10 Jan 2022 15:36:04 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
822b764e599040dfe6fb65eec88c99a443962becfad9e71aed8f10e94e303c93
x-transaction
61d152152a580353
expires
Tue, 31 Mar 1981 05:00:00 GMT
jot
syndication.twitter.com/i/ Frame AFD7 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1641828963951%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22CrooksandLiars%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22NewsHoundEllen%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%227682a19%3A1641492969721%22%2C%22item_ids%22%3A%5B%221479530205513351170%22%5D%2C%22item_details%22%3A%7B%221479530205513351170%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A5956.299999237061%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
114
pragma
no-cache
last-modified
Mon, 10 Jan 2022 15:36:04 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
822b764e599040dfe6fb65eec88c99a443962becfad9e71aed8f10e94e303c93
x-transaction
460c91150eb85b76
expires
Tue, 31 Mar 1981 05:00:00 GMT
page
soapps.net/live/community/api/ Frame 133D 		46 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Requested by
Host: soapps.net
URL: https://soapps.net/live/loader/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
d74a21c1ddcf76e1a3f17146847284b109ce428d6fa7a84ada044dcd0d195dd1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Server
nginx/1.17.10
Date
Mon, 10 Jan 2022 15:36:04 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Origin
RequestId
c67867f7-9639-4998-b453-fbaf014960be
Access-Control-Allow-Credentials
true
ETag
W/"b61f-Tn7EX/DwEN1hOOhd9UKmSBgCUQs"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Sticky2
glisteningguide.com/v2zda1dQNImv56F35INYSzU6AaBnePe2FCM076CuHhLHTVv9dvq5u5-jrTamfoApqDSgu4-a0A-tUK353/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/v2zda1dQNImv56F35INYSzU6AaBnePe2FCM076CuHhLHTVv9dvq5u5-jrTamfoApqDSgu4-a0A-tUK353/Sticky2
Requested by
Host: glisteningguide.com
URL: https://glisteningguide.com/v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
17af0a6fc3294f7ecb3811215172ab6e4172f0d221c6c03005eddc5bf6e645c3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"25c077d06994a89ac6593ef2e7ea6dc6991742375819ef2ae69dc5e95ae133d0"
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
x-hostname
26187baf
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date
Mon, 10 Jan 2022 15:36:04 GMT
v2
de.tynt.com/deb/ Frame E15B 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=cDxT_cic0r6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cache-control
max-age=86400
expires
Tue, 11 Jan 2022 15:36:04 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 10 Jan 2022 15:36:03 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/ Frame 8E17 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=cxk7hYic0r6OzzaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

cache-control
max-age=86400
expires
Tue, 11 Jan 2022 15:36:04 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Mon, 10 Jan 2022 15:36:04 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
beacon
ap.lijit.com/ Frame CFE8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13412165
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.73.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/

Response headers

Server
nginx
Date
Mon, 10 Jan 2022 15:36:04 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ams1
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimages.newsmaxwidget.com%2Fimage%2Ffetch%2Ff_jpg%2Cq_auto%2Ch_150%2Cw_225%2Cc_fill%2Cg_face%3Aauto%2Fpg_1%2Fhttps%3A%2F%2Fmedia.newsmaxwidget.com%2Fcontent%2Fimages%2F615b9f9ab94e13-65559433.jpg&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=3105.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958596&de=280257727663&cu=1641828958596&m=728&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=3105.515625&lb=8758&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=314&cd=0&ah=314&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A5763777%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=1735945108&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:04 GMT
jot
syndication.twitter.com/i/ Frame A41E 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1641828964055%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%229fd78d5%3A1638479056965%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-2%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22CrooksandLiars%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22NewsHoundEllen%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%227682a19%3A1641492969721%22%2C%22item_ids%22%3A%5B%221479436233357119489%22%5D%2C%22item_details%22%3A%7B%221479436233357119489%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A6069.299999237061%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
107
pragma
no-cache
last-modified
Mon, 10 Jan 2022 15:36:04 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
822b764e599040dfe6fb65eec88c99a443962becfad9e71aed8f10e94e303c93
x-transaction
d4884a9ab0f4694b
expires
Tue, 31 Mar 1981 05:00:00 GMT
aDgGAun-eGeAnw-r.m3u8
video.twimg.com/ext_tw_video/1479539965461626881/pu/pl/ Frame D222 		642 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479539965461626881/pu/pl/aDgGAun-eGeAnw-r.m3u8?tag=12&container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C49) /
Resource Hash
35846f57081b1dbfb834d54744933ab04f2679cd1961422cfd9188d499c0d8bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244062
x-cache
HIT
content-length
301
x-response-time
82
surrogate-key
ext_tw_video ext_tw_video/bucket/2 ext_tw_video/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECAcc (mil/6C49)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
0e83d1829713b130a567ce468fccb8b3a8d8a5bbfedc7ee7067c354d209cdc52
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
sync.php
pixel.rubiconproject.com/exchange/ Frame 4CC7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=KY8UKI0F-Q-BGJM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/gif
QfCTCjEanEgjlkU2.jpg
pbs.twimg.com/ext_tw_video_thumb/1479539965461626881/pu/img/ Frame D222 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1479539965461626881/pu/img/QfCTCjEanEgjlkU2.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEF) /
Resource Hash
f6cfaf3fd482204c13251e3e85a47b078726e23d10e6ef7d7957a64ae69fcc0b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
244073
x-cache
HIT
content-length
91943
x-response-time
289
surrogate-key
ext_tw_video_thumb ext_tw_video_thumb/bucket/2 ext_tw_video_thumb/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECS (mil/6CEF)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7eeedd3b312cb6bf36b83ec0822874a70425d939529249f4479f7cbe0adfb047
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
event
event.instiengage.com/v1/ Frame 97A0 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_commenting-unit-load-v2
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/static/vendors~app.js?v=0.0.72
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://soapps.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://soapps.net
date
Mon, 10 Jan 2022 15:36:04 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_commenting-unit-load-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://soapps.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://soapps.net
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimages.newsmaxwidget.com%2Fimage%2Ffetch%2Ff_jpg%2Cq_auto%2Ch_150%2Cw_225%2Cc_fill%2Cg_face%3Aauto%2Fpg_1%2Fhttps%3A%2F%2Fmedia.newsmaxwidget.com%2Fcontent%2Fimages%2F5ee95bbc4a3133-36342159.jpeg&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2594.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958608&de=891387009598&cu=1641828958608&m=722&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2594.515625&lb=8758&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=318&cd=0&ah=318&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A6589296%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=795512979&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:04 GMT
S3oXOUv-SVoLcUDF.m3u8
video.twimg.com/ext_tw_video/1479436121222389763/pu/pl/ Frame A41E 		640 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479436121222389763/pu/pl/S3oXOUv-SVoLcUDF.m3u8?tag=12&container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC8) /
Resource Hash
409bec5f9ae32c1c8e12043afad0f0c0ef9c9057dc4cd64e04c6e90e02ad083e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268897
x-cache
HIT
content-length
301
x-response-time
78
surrogate-key
ext_tw_video ext_tw_video/bucket/0 ext_tw_video/1479436121222389763
last-modified
Fri, 07 Jan 2022 12:51:52 GMT
server
ECAcc (mil/6CC8)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
32f3c45fd70ea26e72ee9b6b77373307db6cab34466553bfa64b53014f198003
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
ptrack
a.audrte.com/ Frame 956D 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=193.27.14.43&p=M1353665098&artime=2022-01-10T15:36:04.189Z&arlocation=c3luYy5lLXBsYW5uaW5nLm5ldC91c3BkLzEvMmI5ZDM5NWY3OWZkOTdhNT9jdD0xJnJ1aWRtPTEmZHU9aHR0cHMlM0ElMkYlMkZleC5pbmdhZ2UudGVjaCUyRnYxJTJGc3luYyUyRmVwbGFubmluZyUyRjBjZjg3ZWM4LWY2NjktNGJjMC05ZTlkLTYxNjg5OTE0YjMyMCUzRnVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=Y3Jvb2tzYW5kbGlhcnMuY29tLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.222.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-222-206.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8c9491df289fd37795d7cc1038afc56611023961184d8c095837adb593a5aa14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:04 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://sync.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
qnT2NxEJpevgDJqs.jpg
pbs.twimg.com/ext_tw_video_thumb/1479436121222389763/pu/img/ Frame A41E 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1479436121222389763/pu/img/qnT2NxEJpevgDJqs.jpg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.29715ca2e27538cc4c88.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF5) /
Resource Hash
d4bedc56dfbdc79492c1f85a37c069a4e817d6efb7591cd7b87616636c6cbfd9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
268904
x-cache
HIT
content-length
70313
x-response-time
287
surrogate-key
ext_tw_video_thumb ext_tw_video_thumb/bucket/0 ext_tw_video_thumb/1479436121222389763
last-modified
Fri, 07 Jan 2022 12:51:52 GMT
server
ECS (mil/6CF5)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
d4050915b6396c3e6ec96206bc249055a091db586978892df8caf5b85ea0dd85
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimages.newsmaxwidget.com%2Fimage%2Ffetch%2Ff_jpg%2Cq_auto%2Ch_150%2Cw_225%2Cc_fill%2Cg_face%3Aauto%2Fpg_1%2Fhttps%3A%2F%2Fmedia.newsmaxwidget.com%2Fcontent%2Fimages%2F61bef83e4d7a69-15702349.jpg&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2813.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958616&de=386977822700&cu=1641828958616&m=719&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2813.515625&lb=8758&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=322&cd=0&ah=322&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A6489770%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=45610236&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:04 GMT
truncated
/ Frame 97A0 		942 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04b23695c5196ff9c1a5049ce1bddc19645a6403e1f94a68427ea893e460cf90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		863 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39c8be8e8b2b7895d4da7ed4e0fa4d89cd8e200dbb5ee886bbb7d34fb90f4f46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
573f0be502559eb5ef349ede1ac802407cd2228da8e136ab2cce5d86b9d20f6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e82f7358ecdf8b9b7bd1ba09b899071aa026dd07192dee4bb1c3ad9c29b1cfd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4663fbcb6ece2376df5b0057eb81ef062d13997e5c556146e3eb2b0d918044f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		855 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3da7daeb348e147594792a28e2766e204d3123c4dc79432c78fe654dcb26ced8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 97A0 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4e31fe511dbace58d8919d22f8abcfa241e19d85a32f473af8c2633795d0cff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
css2
fonts.googleapis.com/ Frame 133D 		4 KB
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8eb55a5a836670be78c05907572caf0901b0f7f627f4af90e3949eec45a0cd76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://soapps.net/
Origin
https://soapps.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 15:25:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:36:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:36:04 GMT
vendor.dll.js
soapps.net/live/vendor/ Frame 133D 		636 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/vendor/vendor.dll.js?v=^3.0.0
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
ba285a6c4b8006b2d95e1ebd8e05f1b53030179ef2ec02fdf349a4caff7d8938
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 17 Nov 2021 08:29:51 GMT
Server
nginx/1.17.10
ETag
W/"6194bd7f-9ee9c"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
app.js
soapps.net/live/community/static/ Frame 133D 		1 MB
358 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/community/static/app.js?v=0.0.42
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.119.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-119-75.compute-1.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
80a54b365af151b67e637a67cd7b1cf388653aa8971669380da749442c69cfa9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Origin
Last-Modified
Tue, 14 Dec 2021 15:43:01 GMT
Server
nginx/1.17.10
ETag
W/"14f5d2-17db99c7f88"
RequestId
03059d30-9e94-46df-ad7f-6d6ccd67722d
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ Frame 133D 		4 KB
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8eb55a5a836670be78c05907572caf0901b0f7f627f4af90e3949eec45a0cd76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:35:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 10 Jan 2022 15:36:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 10 Jan 2022 15:36:04 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzM0NDEyOTg1Y2NjOTY3YmUzZTA3MDBkZDBlZWMwNjcxLmpwZWc.webp
s-img.mgid.com/g/3805634/492x277/0x32x594x396/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805634/492x277/0x32x594x396/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzM0NDEyOTg1Y2NjOTY3YmUzZTA3MDBkZDBlZWMwNjcxLmpwZWc.webp?v=1641828963-9-GI9yTHnnqCKBBh7dqLwcVL_PM-5t_2SYqdn7_DduY
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c1f37aea0070615b1a788c82137a9a844508960217eee3990e77fe1498e6d5

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:52:25 GMT
x-mg-request-uuid
458ced61-137d-45c9-899f-e1a6affe259d
age
155419
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb6fa932c3c2b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13750
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTYyZTc0MTIxMTA5ZjNkY...
s-img.mgid.com/g/11533333/492x277/-/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533333/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvMTYyZTc0MTIxMTA5ZjNkYzY4NDc4ZjNhODk2NDE3YjIuanBlZw.webp?v=1641828963-wXXAdIXKi1gnRiFQnKkSpN9Ps5PM1Z7wbMORI8Sx0k4
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0cb3f2818e372b9be6fcb696542290272c717b16979e023cee991ac56889d62

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:15 GMT
x-mg-request-uuid
4bb4f08b-4068-40c4-93fd-dc62407ffe76
age
126456
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb6fa932c3e2b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10612
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp
s-img.mgid.com/g/8193534/492x277/0x124x788x525/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193534/492x277/0x124x788x525/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMDQvMTAxOTI0L2Q5ZThkNjdhM2I4MmMyMmI4Zjc3ZTg5MDczMWQwOTZmLmpwZWc_dD0xNTMwNzIwODE4MzE5.webp?v=1641828963-nEfqUTXcHDxyqxGE7QA9mcoD4CyjeHaF3-bBF79EbBw
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c5ea15becf5b0063dbf7115a802701a0b96f3d3907608b37732922d235b1420

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:41:02 GMT
x-mg-request-uuid
44f4bb8e-03d0-4340-8c13-93780bf789fa
age
6278
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb6fa932c412b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9302
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzE1MTA5NWJkOGNiNWVmMzhhNzg2OTEwYTdlZWM3MTcwLmpwZWc.webp
s-img.mgid.com/g/4021004/492x277/0x0x535x356/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4021004/492x277/0x0x535x356/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzE1MTA5NWJkOGNiNWVmMzhhNzg2OTEwYTdlZWM3MTcwLmpwZWc.webp?v=1641828963-aXOLorPdPzK-rGTMXdFIjFkrisDIzNmNq-qGSM0DbCo
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917b81a2558d11812dd8efd03f131c925e7142ee6d262c701c66c3f97450a491

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:59 GMT
x-mg-request-uuid
6111b499-e386-4b27-8851-dc2d327bf326
age
192182
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb6fa932c432b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27010
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2JjZDFlYTE3ZTA2ZjEzNzE4NzUwNmJiZDEyZTE4YmU2LmpwZz90PTE0OTgxNjE5MTYwODA.webp
s-img.mgid.com/g/3805607/492x277/0x0x599x399/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805607/492x277/0x0x599x399/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2JjZDFlYTE3ZTA2ZjEzNzE4NzUwNmJiZDEyZTE4YmU2LmpwZz90PTE0OTgxNjE5MTYwODA.webp?v=1641828963-nYDGoDubMKQpagcGO3tT6Wetv97iQ3-erKt9zH7H7LI
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2356e61091c8a28c9672a0f7bf0743bbff03d240950c72a714ff3e18b4a8742

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 15:56:53 GMT
x-mg-request-uuid
e4c61853-a4ba-48bd-b09a-28e8ad23022e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb6fa932c452b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19172
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvYzRiNDcyOTA3NGM4MTYyN...
s-img.mgid.com/g/11739834/492x277/-/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739834/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNS8xMDE5MjQvYzRiNDcyOTA3NGM4MTYyNDBhYjIyODE3OTJlNThmZDQuanBlZw.webp?v=1641828963-SXSL-n8xth_DreIHpyX4SuEyS-a4wy8q9rGqaEkj7cE
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bb77c311cf88e0d0dad0bec5d5bc03e41394f92724a91750d387ba558d9e19

Request headers

Referer
https://crooksandliars.com/
Origin
https://crooksandliars.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
cf-cache-status
MISS
last-modified
Tue, 21 Dec 2021 12:46:41 GMT
x-mg-request-uuid
be5446a8-6464-4007-8c01-ac61b858d034
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6cb6fa932c442b22-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18872
server
cloudflare
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimages.newsmaxwidget.com%2Fimage%2Ffetch%2Ff_jpg%2Cq_auto%2Ch_150%2Cw_225%2Cc_fill%2Cg_face%3Aauto%2Fpg_1%2Fhttps%3A%2F%2Fmedia.newsmaxwidget.com%2Fcontent%2Fimages%2F5ef2c62a778e86-00915583.JPEG&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2667.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958625&de=868605631901&cu=1641828958625&m=716&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2667.515625&lb=8758&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=328&cd=0&ah=328&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A6584147%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=1986383186&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:04 GMT
event
event.instiengage.com/v1/ Frame 97A0 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_user-browser-v2
Requested by
Host: soapps.net
URL: https://soapps.net/live/comments/static/vendors~app.js?v=0.0.72
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://soapps.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://soapps.net
date
Mon, 10 Jan 2022 15:36:04 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_user-browser-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.173.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-173-84.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://soapps.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://soapps.net
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
9xrK5OlaaR79GuDa.m3u8
video.twimg.com/ext_tw_video/1479539965461626881/pu/pl/480x270/ Frame D222 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479539965461626881/pu/pl/480x270/9xrK5OlaaR79GuDa.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C88) /
Resource Hash
370e5d6e2600d0d0a3d2f2b54557e1ab8c11578ba82f612b78de467fe270610f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244061
x-cache
HIT
content-length
1088
x-response-time
78
surrogate-key
ext_tw_video ext_tw_video/bucket/2 ext_tw_video/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECAcc (mil/6C88)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
d3af1aa969b9b7dc50f73f3e2ed21fc0a6dcd88c809c4ba51fed25e66165400d
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
n_t9J8j9opsw1-U4.m3u8
video.twimg.com/ext_tw_video/1479436121222389763/pu/pl/480x270/ Frame A41E 		2 KB
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479436121222389763/pu/pl/480x270/n_t9J8j9opsw1-U4.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C0C) /
Resource Hash
0c6db587745b9b254a14a56e743b8eb428671717b6d2861a4dd4f2cea7bec0da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268905
x-cache
HIT
content-length
525
x-response-time
80
surrogate-key
ext_tw_video ext_tw_video/bucket/0 ext_tw_video/1479436121222389763
last-modified
Fri, 07 Jan 2022 12:51:52 GMT
server
ECAcc (mil/6C0C)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
51dc58c7451ebce688c382ac2ba38f9539c01bdd8f43d7883758c8beabdc11db
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
truncated
/ Frame 133D 		2 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://soapps.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
09%20-%20news.svg
static.instiengage.com/avatars/ Frame 133D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/09%20-%20news.svg
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
846339e8fd4f5615b523b1b65423fa2cee96e43d63398c9e2470b4160129723e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
XqkVc.q_y8tl355Mu_y_4xmZ3Y_1.6Ci
content-encoding
br
last-modified
Mon, 22 Nov 2021 12:32:27 GMT
server
AmazonS3
age
347
etag
W/"fa6a0f9148778f98b51cac15665b04d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date
Mon, 10 Jan 2022 15:33:28 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
FPdzQmZunU3Lt49wdxWtCz62k7uhIkSOSlrdO5VcUqydzqwd9Rh_iw==
80712800-287b-11eb-becf-c90379cce595.png
static.instiengage.com/auth-service/profile/5c1dfd30-248d-11eb-ad56-47fe95f71f4a/ Frame 133D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/auth-service/profile/5c1dfd30-248d-11eb-ad56-47fe95f71f4a/80712800-287b-11eb-becf-c90379cce595.png
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1f421d21e296096c7938237a3164834899e3ea35867e6d2274fd249a9b3c5a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Q.2JHgY2PuQC9U4N8ZVrGgacQ_c3BdQA
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 10:58:32 GMT
server
AmazonS3
age
2
etag
"4f0d38fecffd295bba75675fe3276413"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
date
Mon, 10 Jan 2022 15:36:03 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
4038
x-amz-cf-id
3QGO6VVA2KKjbNOw1v6ICF2mR4WzyqqB3glSWLtMIbF5-P7idZ2HNQ==
14%20-%20news.svg
static.instiengage.com/avatars/ Frame 133D 		716 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/14%20-%20news.svg
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8745f08ab7e1f2986c6a6c6fe710f5f3289f05d8ea6f5a935630de85fae14db4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
hHllXUgHQFEEC04xX.MbumV.T7pJf7Qp
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Mon, 22 Nov 2021 12:30:38 GMT
server
AmazonS3
age
177
etag
"5edc02e2c06cfa93cfe37934c5e0b467"
x-cache
Hit from cloudfront
content-type
image/svg+xml
date
Mon, 10 Jan 2022 15:33:28 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
716
x-amz-cf-id
MK8OT3W5JT0qi9R55ZFnthqjPjqbmFGBsOwKFT5ZAXojpmcXQ5b3qQ==
11%20-%20news.svg
static.instiengage.com/avatars/ Frame 133D 		1 KB
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/11%20-%20news.svg
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5de1d1b3bb2946f6e2a697ff3c94d88f9bc4622c34cb7945ff348314fe703c0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
xnmJ2rz5VDhAlqRIgCZw9EpUcPZryat2
content-encoding
br
last-modified
Mon, 22 Nov 2021 12:31:52 GMT
server
AmazonS3
age
2
etag
W/"74ad127eb7b9e59b496e1afc6c7eba25"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date
Mon, 10 Jan 2022 15:36:03 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
oHAf_UmS12Y9LG2jqbnEXqNvT8NRBOPyW_7uR-38jICY8DhS9Hto1w==
07%20-%20news.svg
static.instiengage.com/avatars/ Frame 133D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/07%20-%20news.svg
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2411c793f521e4b4549af40a97c9ad3bbe3cca8c2013b7f8ffdd5342b89c070c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
2spTMN6c8kzKlEI782YKUOTESYehkh_r
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:33:16 GMT
server
AmazonS3
age
162
etag
W/"0e0c98aed0059e039331d19027f90a25"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date
Mon, 10 Jan 2022 15:33:28 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
hwmVvt9t82WTgLuMOm_w7zBE6eKklPyJDt3y0DKK6QZnETZgb3sPMg==
e35e7210-e982-11eb-8fdd-f584b6622c59.png
static.instiengage.com/auth-service/profile/a64db9c0-68f5-11eb-95d0-efa1049ae805/ Frame 133D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/auth-service/profile/a64db9c0-68f5-11eb-95d0-efa1049ae805/e35e7210-e982-11eb-8fdd-f584b6622c59.png
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1842981c34db6bebcb18075adba5136cf9c7f9985313cb2ab7990ff85f35da83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
ITrkX2P6ztnW.Kh2ZQkTbzSaQdlA9Lsi
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 10:40:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"d1f56f61241873ea5305f3c7f873d1b7"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
date
Mon, 10 Jan 2022 15:36:05 GMT
accept-ranges
bytes
content-length
5984
x-amz-cf-id
_l5REc1g3k_lq-wKQwe2NUGIEW56WIYyecLSX-6Vl6SFYFFHRdRb-A==
1165abb0-2e71-11eb-8e60-23e6b701c42a.png
static.instiengage.com/auth-service/profile/5b1bbb10-22ae-11eb-800c-f7311e111e83/ Frame 133D 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/auth-service/profile/5b1bbb10-22ae-11eb-800c-f7311e111e83/1165abb0-2e71-11eb-8e60-23e6b701c42a.png
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
909a289a6071fbbd5c13c9cab985f7bb6b12cf0c9dbcf112b967682d0a5cce7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
JMnc2stAXSEpXv_hD_CZjJjyuwSdfJGj
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 10:25:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"df17cc98db08fc196b03aa68a6a9e84c"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
date
Mon, 10 Jan 2022 15:36:05 GMT
accept-ranges
bytes
content-length
22508
x-amz-cf-id
t_uctu03dBs8KqoIywrEysKvpfoejTKiD6Qy7El6L2vrEq_SZ9WdYQ==
d5a898d0-244d-11eb-9e16-0f1a136a7a50.png
static.instiengage.com/auth-service/profile/704e2100-2301-11eb-9e16-0f1a136a7a50/ Frame 133D 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/auth-service/profile/704e2100-2301-11eb-9e16-0f1a136a7a50/d5a898d0-244d-11eb-9e16-0f1a136a7a50.png
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af4656ff22c9e73a1c4cb5dfd6cbd7a725c1bebb06b8817bd09c7c2ecc91650d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Xm51_9hG6CZZLRcnis5xjEWQpeLk70x6
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 10:23:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"83520386a36f88ecbe83df910c9da1c6"
x-cache
RefreshHit from cloudfront
content-type
binary/octet-stream
date
Mon, 10 Jan 2022 15:36:05 GMT
accept-ranges
bytes
content-length
23805
x-amz-cf-id
pvzHt5alr-yY5zISoPJ2LWcgMdIPIOIshFpxa0CtkKv6-kebJ3lQpQ==
06%20-%20news.svg
static.instiengage.com/avatars/ Frame 133D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/06%20-%20news.svg
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2caed79550c84018f7884125fd3e77e1ee5d2391383365be65f3bd7e2b0f4763

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Y61nnOy4wQ1ZIPnR_jqAx_AHrnyXokLM
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:33:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
W/"fb23e15d0c6048019f19d51942214c13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date
Mon, 10 Jan 2022 15:36:04 GMT
x-amz-cf-id
nJUNkwr3lgZtOgZsenp_DUZL_FBucgilHvg1CIjh54PdebhcMmhHMg==
03%20-%20news.svg
static.instiengage.com/avatars/ Frame 133D 		924 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/03%20-%20news.svg
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21f6baf6f437f5ae0d94897041095becbd1c836b75f5111bd2c2c620f8a4d6b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
NNTj86SoTtyqYsdKW5yDcXOqVWsJQQHe
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Mon, 22 Nov 2021 12:34:44 GMT
server
AmazonS3
age
146
etag
"29cec791822c1b59d513bc9a5a0c0e85"
x-cache
Hit from cloudfront
content-type
image/svg+xml
date
Mon, 10 Jan 2022 15:33:40 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
924
x-amz-cf-id
BKcYTwY1GJmx-J1-cC4CfxNN9zNiMvQK4DISApxPewpoQxkYbJT4WA==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 133D 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://soapps.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:26:13 GMT
x-content-type-options
nosniff
age
266991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:26:13 GMT
MywwMTFkMzA4NmE2MTc
images.getadmiral.com/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.getadmiral.com/MywwMTFkMzA4NmE2MTc
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5074fade910f40c6d3d087a1ec63ff87eabf176ef237e406657ba7a3600412fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9192
server
cloudflare
x-datacenter
gce-europe-west1
etag
"8d99e6dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2F4GmEgjCG3xM7lNop6M%2BJNtimjy1Of4%2Bqsxxeg6mOfop%2FFL%2FRfleUbEEh50xNDWRV96sUR3yzq3jDkslTYP4lcjnGGuOzn6xxDPdsCGsJxtlNlhNGOUOGyfhQe%2BmAKXpLDTQBPg4q3mi79Dg7hJX01lxzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
private, must-revalidate, max-age=300
x-hostname
felicia
cf-ray
6cb6fa93fac77a49-DUS
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimages.newsmaxwidget.com%2Fimage%2Ffetch%2Ff_jpg%2Cq_auto%2Ch_150%2Cw_225%2Cc_fill%2Cg_face%3Aauto%2Fpg_1%2Fhttps%3A%2F%2Fmedia.newsmaxwidget.com%2Fcontent%2Fimages%2F61d4ed63cf7d23-29507566.jpg&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2740.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958633&de=744470761490&cu=1641828958633&m=726&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2740.515625&lb=8758&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=345&cd=0&ah=345&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A6501932%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=65095969&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:04 GMT
nSKEhCOi82iAnXNm.mp4
video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/0/0/480x270/ Frame D222 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/0/0/480x270/nSKEhCOi82iAnXNm.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CD6) /
Resource Hash
9896a3293f2ce6362746377e61d7e83fd04fc6602af098f64ec4d4dacb0657ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
244062
x-cache
HIT
content-length
1130
x-response-time
87
surrogate-key
ext_tw_video ext_tw_video/bucket/2 ext_tw_video/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECAcc (mil/6CD6)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
e2d905e7cafcbf5fb90dbc38745ff65789c872b6381fcfd6d986ac867f62fdee
accept-ranges
bytes
NUR3gboDI7hTFZtx.mp4
video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/0/0/480x270/ Frame A41E 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/0/0/480x270/NUR3gboDI7hTFZtx.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C8F) /
Resource Hash
1716e458428b65fa6208522eba0fe7971a103ce88e9063126941dec741fd0163
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
268904
x-cache
HIT
content-length
1130
x-response-time
86
surrogate-key
ext_tw_video ext_tw_video/bucket/0 ext_tw_video/1479436121222389763
last-modified
Fri, 07 Jan 2022 12:51:52 GMT
server
ECAcc (mil/6C8F)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
61a9377c3310ba5031ab7bdd980c36b0c06f08e2d435d74146ba1899ecbcbf20
accept-ranges
bytes
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fimages.newsmaxwidget.com%2Fimage%2Ffetch%2Ff_jpg%2Cq_auto%2Ch_150%2Cw_225%2Cc_fill%2Cg_face%3Aauto%2Fpg_1%2Fhttps%3A%2F%2Fmedia.newsmaxwidget.com%2Fcontent%2Fimages%2F99bb3d092bf68d1d775a9b786f692710.jpeg&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2959.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958641&de=524359301179&cu=1641828958641&m=727&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2959.515625&lb=8758&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=353&cd=0&ah=353&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A6589181%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=432549434&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:04 GMT
i.js
cm.mgid.com/ 		0
136 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1641828964456682170474
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/new1.crooksandliars.com.1105644.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6cb6fa93f8a239f9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cI3DeyFCgd101qEF.m4s
video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/0/3000/480x270/ Frame D222 		55 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/0/3000/480x270/cI3DeyFCgd101qEF.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC9) /
Resource Hash
6601e3aee2be03fcc65c194fcc9e492a76b111bd9dddfa87dd9f039c7b9ae655
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
244061
x-cache
HIT
content-length
56206
x-response-time
93
surrogate-key
ext_tw_video ext_tw_video/bucket/2 ext_tw_video/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECAcc (mil/6CC9)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
8c82efafcb8f54c4e006681f3f279118ffbfd5f776c81add907a0a36b58c2fcb
accept-ranges
bytes
i-noref.js
cm.mgid.com/ Frame B0D9 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1641828964475167048474
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/new1.crooksandliars.com.1105644.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6cb6fa9408b139f9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GLWwwUnpUxzKnkAk.m4s
video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/0/3000/480x270/ Frame A41E 		42 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/0/3000/480x270/GLWwwUnpUxzKnkAk.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C10) /
Resource Hash
6408adda93d4b9b6da67a997e9415fd6b15131db8a8fc290633a42235bcdc8bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
268904
x-cache
HIT
content-length
42976
x-response-time
87
surrogate-key
ext_tw_video ext_tw_video/bucket/0 ext_tw_video/1479436121222389763
last-modified
Fri, 07 Jan 2022 12:51:52 GMT
server
ECAcc (mil/6C10)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
947d7b2f3cbe740094408a9713a22ea1058e8644af45f82652dcdbb33b8a1772
accept-ranges
bytes
match
ps.eyeota.net/ Frame 956D
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=563268403423191541
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESENkKth2Bg3txDY3SCerEN3A&google_cver=1
  • https://ps.eyeota.net/match?bid=kh51m51&uid=cf9M5H9UE4XSQSWg5jWxc27Ig&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=cf9M5H9UE4XSQSWg5jWxc27Ig&gdpr=0&gdpr_consent=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:05 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Mon, 10 Jan 2022 15:36:04 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=cf9M5H9UE4XSQSWg5jWxc27Ig&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 956D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cf9M5H9UE4XSQSWg5jWxc27Ig&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=cf9M5H9UE4XSQSWg5jWxc27Ig&gdpr=0&gdpr_consent=&google_gid=CAESENkKth2Bg3txDY3SCerEN3A&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Server
3.225.222.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-222-206.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:04 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 10 Jan 2022 15:36:04 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 956D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=cf9M5H9UE4XSQSWg5jWxc27Ig&gdpr=0&gdpr_consent=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:04 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
fF9CT2l1BhAYySL2.m3u8
video.twimg.com/ext_tw_video/1479539965461626881/pu/pl/640x360/ Frame D222 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479539965461626881/pu/pl/640x360/fF9CT2l1BhAYySL2.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC4) /
Resource Hash
932c66bf18c66b833a7ce49f34acab64a28673352241ca7053618fa07f31663c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244068
x-cache
HIT
content-length
1086
x-response-time
85
surrogate-key
ext_tw_video ext_tw_video/bucket/2 ext_tw_video/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECAcc (mil/6CC4)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
efe9a84291f281d582877e3766971c79d5c6c6418e84093df0586cbd6ed670bf
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
3eIzYyNjbhWAmb4B.m3u8
video.twimg.com/ext_tw_video/1479436121222389763/pu/pl/640x360/ Frame A41E 		2 KB
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479436121222389763/pu/pl/640x360/3eIzYyNjbhWAmb4B.m3u8?container=fmp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C58) /
Resource Hash
bdb20f234b74de6b619f498caa506ecc2e9e1e39fed98d59c6d0a30ebaa7723c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268899
x-cache
HIT
content-length
526
x-response-time
77
surrogate-key
ext_tw_video ext_tw_video/bucket/0 ext_tw_video/1479436121222389763
last-modified
Fri, 07 Jan 2022 12:51:52 GMT
server
ECAcc (mil/6C58)
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
527f2efa12d8adeac16bec2277cb2227f30e92719b8d24f4a1bef3a759bac83d
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
B91p5UH0BZlAYK3i.mp4
video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/0/0/640x360/ Frame D222 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/0/0/640x360/B91p5UH0BZlAYK3i.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CB8) /
Resource Hash
8c5e20112f6cd0712afa8d8fcefa232ccf777918fc915e9a9e32b7993b29f430
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
244068
x-cache
HIT
content-length
1131
x-response-time
95
surrogate-key
ext_tw_video ext_tw_video/bucket/2 ext_tw_video/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECAcc (mil/6CB8)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
835ae26abe26d8849c03ead415d503d8d6e29db30bda9b51dd190871ce04b574
accept-ranges
bytes
Th-h93ZHpJ9Q1cnR.mp4
video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/0/0/640x360/ Frame A41E 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/0/0/640x360/Th-h93ZHpJ9Q1cnR.mp4
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C91) /
Resource Hash
8cd7f685a9830171c88699be19ea24172ecc7c4d78c816bf0b30af06c21c690d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
268898
x-cache
HIT
content-length
1131
x-response-time
83
surrogate-key
ext_tw_video ext_tw_video/bucket/0 ext_tw_video/1479436121222389763
last-modified
Fri, 07 Jan 2022 12:51:52 GMT
server
ECAcc (mil/6C91)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
86f7803aa85d0e2d3d7411730666df5492c8e0ae3b336fc2ce67370a0228ae01
accept-ranges
bytes
kVO6IA7fQF517KGy.m4s
video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/0/3000/640x360/ Frame D222 		140 KB
141 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/0/3000/640x360/kVO6IA7fQF517KGy.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C78) /
Resource Hash
9df853e81b2edecdbf0ddbf8e650226d1f698be56e243fa82ba3413f6ef0ca4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
244064
x-cache
HIT
content-length
143722
x-response-time
101
surrogate-key
ext_tw_video ext_tw_video/bucket/2 ext_tw_video/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECAcc (mil/6C78)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
337d0f96787d6766a266234090bff23cb6892965d61452cc2dbcf369d4f7b0a0
accept-ranges
bytes
SCFiMS1qCbUHlTk4.m4s
video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/0/3000/640x360/ Frame A41E 		106 KB
106 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/0/3000/640x360/SCFiMS1qCbUHlTk4.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CB0) /
Resource Hash
e95177b92790416765eb4bdd0bb90b724c90e7fd72aa4255be97a3a246383526
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
268897
x-cache
HIT
content-length
108328
x-response-time
87
surrogate-key
ext_tw_video ext_tw_video/bucket/0 ext_tw_video/1479436121222389763
last-modified
Fri, 07 Jan 2022 12:51:52 GMT
server
ECAcc (mil/6CB0)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5ae33dc73375f686ef89b7a7f5eeb5e8e489ca62de71122b22e736b839623f4b
accept-ranges
bytes
kUmhhifCdpEilFzw.m4s
video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/3000/6000/640x360/ Frame D222 		128 KB
128 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/3000/6000/640x360/kUmhhifCdpEilFzw.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C85) /
Resource Hash
802f9d6af32ade3a6f07a782c8fe649c58385c3c85a61dc0507abfc5f211821f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
244063
x-cache
HIT
content-length
131220
x-response-time
92
surrogate-key
ext_tw_video ext_tw_video/bucket/2 ext_tw_video/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECAcc (mil/6C85)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
014de42658370ee500c301462299b55c65e10d83faf6b75bd4e6c8ff13a5e9a7
accept-ranges
bytes
sUys6i3kuIPTXxeT.m4s
video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/3000/6000/640x360/ Frame A41E 		109 KB
109 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/3000/6000/640x360/sUys6i3kuIPTXxeT.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC7) /
Resource Hash
99a6e7e8525e31082d65aec2c452238eeaa7197141314bda490c70fe7c822a5c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
268898
x-cache
HIT
content-length
111276
x-response-time
96
surrogate-key
ext_tw_video ext_tw_video/bucket/0 ext_tw_video/1479436121222389763
last-modified
Fri, 07 Jan 2022 12:51:52 GMT
server
ECAcc (mil/6CC7)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
4c7d9c44af4ad0b0aadb1487c758253265ce8cd88a5a6b0cd71ab9aa9448045f
accept-ranges
bytes
fVEFcDHwCaLlTrhE.m4s
video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/6000/9000/640x360/ Frame D222 		132 KB
132 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/6000/9000/640x360/fVEFcDHwCaLlTrhE.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C73) /
Resource Hash
06549935068edb46e3bf860e4435bb850f777fcaf5d24b0b7383130baf3622e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
244059
x-cache
HIT
content-length
135130
x-response-time
94
surrogate-key
ext_tw_video ext_tw_video/bucket/2 ext_tw_video/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECAcc (mil/6C73)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
bcf5317c8c330118a4f5463f36033341f2c6a82d80b19f63cf132e3c3b574f9f
accept-ranges
bytes
MdqgFENLYsdYcuAX.m4s
video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/6000/9000/640x360/ Frame A41E 		106 KB
106 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479436121222389763/pu/vid/6000/9000/640x360/MdqgFENLYsdYcuAX.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C6A) /
Resource Hash
3eb71df93b7cebcdf5b0cfb6e19a5bf76aa0498303b6924a326182f0f5112948
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
268898
x-cache
HIT
content-length
108035
x-response-time
96
surrogate-key
ext_tw_video ext_tw_video/bucket/0 ext_tw_video/1479436121222389763
last-modified
Fri, 07 Jan 2022 12:51:52 GMT
server
ECAcc (mil/6C6A)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
3ca4153679051a9a3ae51f3bf25d2bcf14b3e485aba8265b6e55c3e5e1d143e3
accept-ranges
bytes
SPug
simage4.pubmatic.com/AdServer/ Frame 3B26 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CFKw4yXkP8MSbeCz.m4s
video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/9000/12000/640x360/ Frame D222 		136 KB
137 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/9000/12000/640x360/CFKw4yXkP8MSbeCz.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C72) /
Resource Hash
4f3b9c5ea9ef7455c059addb4e3611cd087b70091fb2bcdb46f8c295334de9a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:04 GMT
x-content-type-options
nosniff
age
244058
x-cache
HIT
content-length
139685
x-response-time
94
surrogate-key
ext_tw_video ext_tw_video/bucket/2 ext_tw_video/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECAcc (mil/6C72)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
0b9d3fab582eaa4e2ad24d18adfeee81cf26d41779d1cc0f8b42a133036b9793
accept-ranges
bytes
a1606a7095401ac1a237da8deb0eb5b9
static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/5f4bb492-957a-4183-a431-a870b117e128/ Frame 133D 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/5f4bb492-957a-4183-a431-a870b117e128/a1606a7095401ac1a237da8deb0eb5b9
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b424693fcd3201cd4c6b09ec49c7ef431ec826db6b8a3558c55c0e6800312b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
y.cNaurYwhOeTNCGYctUWTA1z4csnJ8t
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Sat, 08 Jan 2022 13:00:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"643de756eb56184c09c7c5ce7aec8109"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Mon, 10 Jan 2022 15:36:06 GMT
accept-ranges
bytes
content-length
29822
x-amz-cf-id
XSNRptf7E1lQoSKFSS3lk4S51uFeWJP_EtXfSeD54E6ONenVz6FP6w==
1af77d69a1005d3d64834ff6d46a4966
static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/3958ace2-d5e2-48c7-8afa-9eaa5f0eae47/ Frame 133D 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/3958ace2-d5e2-48c7-8afa-9eaa5f0eae47/1af77d69a1005d3d64834ff6d46a4966
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
248735377e21aa8464d5b1cd5e3954dd821caf39868f43ef42ccfcff5fe7c096

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
7um.Tl9zajFArnP4eCqXlIo1h3ShAKi6
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jan 2022 19:43:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"05510fabe309052dd0b0f70cb7561766"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Mon, 10 Jan 2022 15:36:06 GMT
accept-ranges
bytes
content-length
41519
x-amz-cf-id
wG3K63bjPBYUEKeHLd4hTw-asdfvRd8NQdhWJIxTh1CRICG_iwzPUg==
71dd11a913f21ef85b873419712d197e
static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/eae81ded-158e-49ba-891f-5cf5f5b8128e/ Frame 133D 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/eae81ded-158e-49ba-891f-5cf5f5b8128e/71dd11a913f21ef85b873419712d197e
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
737a3cbde3a00573fbf4f8c5f64861a10cbbed6ddfb6317c8e9b2efc6c38bf7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
zTuy9f4zrdmCgcgZMZfqyxKU63wxhkBo
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jan 2022 12:13:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"18af501c910172896c4090ab91683fb5"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Mon, 10 Jan 2022 15:36:06 GMT
accept-ranges
bytes
content-length
74481
x-amz-cf-id
3F_NsnkHZkFt5yD801Mfr76dv5eKIFB_WV5A0Y-nR6R-ubhF3eEN5g==
422281ad9bb60a82760c7998b12f42df
static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/68acbe83-2c92-47e9-b8ad-be33fc593fd4/ Frame 133D 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/68acbe83-2c92-47e9-b8ad-be33fc593fd4/422281ad9bb60a82760c7998b12f42df
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b3093330ac587c596accfcb2ce0a5c0eb0ec48be4ef9cd3820ec442db90a57a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
KlrX_5i5tfx4xuDCYdQpz1OYjcsPQCj0
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Sat, 08 Jan 2022 19:28:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"f6181326a2d880df9cb4310b53b36a8a"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Mon, 10 Jan 2022 15:36:06 GMT
accept-ranges
bytes
content-length
46410
x-amz-cf-id
mpBucauAlSLqreWh2mFtnLVXKHUTjKBDA6w49V2XBfyLvtauxvsRnw==
bc70abc35dc2f65d4c0672d5a40ac6c3
static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/86884108-72fd-477d-81bc-3c932fec39fd/ Frame 133D 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/86884108-72fd-477d-81bc-3c932fec39fd/bc70abc35dc2f65d4c0672d5a40ac6c3
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cec138acc9569695becc1075e8fc70edeafe1f2ea124ffdc2ba7e2648f33f292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
Fx4AoNf9nr701TxjKpZrl995U45hK1zM
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jan 2022 14:07:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"bda791316fe105a6905b9f24b263a9ce"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Mon, 10 Jan 2022 15:36:06 GMT
accept-ranges
bytes
content-length
7266
x-amz-cf-id
KpmBKuUXWlVAFUBWbaaY1yPifc5NI5IBDg0PFDY5S3AFsDZaNlB1_Q==
6d287b889c301481decc580e8b36245c
static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/e132d05f-fe1f-4acf-8d8f-fe30841e1c25/ Frame 133D 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/bf354797-2feb-4d2a-ad39-b31b027bc5f3/e132d05f-fe1f-4acf-8d8f-fe30841e1c25/6d287b889c301481decc580e8b36245c
Requested by
Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:1200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5bc6ae7f2e3a467118afe44d22cf308e4950382a2f8514fc4e4775e6137639b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://soapps.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
XOTn0HpBaz.GR0lK03MMtspAxha4Wasg
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jan 2022 23:07:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
etag
"0d399e65c322f9db770bceb6468f7bec"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Mon, 10 Jan 2022 15:36:06 GMT
accept-ranges
bytes
content-length
49240
x-amz-cf-id
u4gj5tiaMhQEy79WCTXa225xrlCFNN0QlSGXmnyedk5fK8VU4GPyug==
nFJ6E5HK2EE7GLm9.m4s
video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/12000/15000/640x360/ Frame D222 		111 KB
111 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.twimg.com/ext_tw_video/1479539965461626881/pu/vid/12000/15000/640x360/nFJ6E5HK2EE7GLm9.m4s
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.vendors~loaders.video.PlayerHls14.b0e4c84535fccb8c9d69.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1ab3:789:1032:20e3:21 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7D) /
Resource Hash
c41b05bc76f39b7e6f53985419b24a7894ed8a4cf8cdff3092af03f71477dd04
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:05 GMT
x-content-type-options
nosniff
age
244056
x-cache
HIT
content-length
113206
x-response-time
97
surrogate-key
ext_tw_video ext_tw_video/bucket/2 ext_tw_video/1479539965461626881
last-modified
Fri, 07 Jan 2022 19:44:30 GMT
server
ECAcc (mil/6C7D)
x-tw-cdn
VZ, VZ
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
13309529f45bbe0f7c1a9535383bdd75de5219c53919ea9e1bc9518d2f8f43df
accept-ranges
bytes
/
track.adform.net/serving/unload/ Frame BF17 		35 B
471 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3448524811635398755@@46688788,4208421284933423379,0|0|0|0|0|0|0|0|0||0|0|1538|0cc23d9d-f966-4b56-bf09-019d554aaea4_1|||1|0|0|wQwJX49vr01X7EYoWZQhUSVlGVigl_BzXnlU2-xEkVh5pawx9imoCckllzAqADQrA7z_uuw_WOM1|||11|0|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:05 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=645709340/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20crooksandliars.com/ Frame 3061 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=645709340/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20crooksandliars.com/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
68cbc4442c158a51bf273df0a099fee7a6e98ea0d81cda9256d3052b26f103a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/

Response headers

date
Mon, 10 Jan 2022 15:36:05 GMT
content-type
text/html;charset=utf-8
content-length
1170
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.21.192
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
abt
capi.connatix.com/tr/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:05 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
tpid=5cee30e4-3772-42d2-a35e-93162edcdcbd
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 3061
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=869932d30e106d0a3467deb1a3d587eb&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5cee30e4-3772-42d2-a35e-93162edcdcbd
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5cee30e4-3772-42d2-a35e-93162edcdcbd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=645709340/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20crooksandliars.com/rt=ifr
Protocol
H2
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.6.119
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5cee30e4-3772-42d2-a35e-93162edcdcbd
date
Mon, 10 Jan 2022 15:36:05 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
5907
tags.bluekai.com/site/ Frame 3061 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=68ab88f935d2e7f3a174c61a82d57dd5
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=645709340/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20crooksandliars.com/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 15:36:05 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
tpid=YdxSXgAElBbmSAAm
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 3061
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YdxSXgAElBbmSAAm
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YdxSXgAElBbmSAAm
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=645709340/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20crooksandliars.com/rt=ifr
Protocol
H2
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.182
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641828966.706579,VS0,VE0
x-served-by
cache-cdg20770-CDG
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YdxSXgAElBbmSAAm
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame 3061 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=645709340/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20crooksandliars.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3061 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ODY5OTMyZDMwZTEwNmQwYTM0NjdkZWIxYTNkNTg3ZWI
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=645709340/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20crooksandliars.com/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame 3061 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=645709340/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20crooksandliars.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:05 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
/
track.adform.net/serving/unload/ Frame 6776 		35 B
471 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=563268403423191541@@36796705,1234885806632033869,0|0|0|0|0|0|0|0|0||0|0|1538|a2639f20-e484-4fb8-82d0-00b740dd9a20_1|||1|0|0|Qy3s2enZrfVX7EYoWZQhUYkxA-zmUdaWiyHcO_0wQHnUCRPEIegXPskllzAqADQrA7z_uuw_WOM1|||11|0|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:05 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
abt
capi.connatix.com/tr/ Frame 3C9B 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:06 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
/
track.adform.net/serving/unload/ Frame F209 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@36796708,7591632961662300773,0|0|0|0|0|0|0|0|0||0|1|1538|dbe303d7-6e86-4731-9317-58bbcc9afbd4_1|||1|0|0|Kyt9C6Z9JSbi5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:06 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
g
capi.connatix.com/rtb/ 		124 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
81d9a567b6d4a27c0ede6829ff56307a3522d28394418e31bcaa53eae310c995

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:06 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
125
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 10 Jan 2022 15:36:06 GMT
content-length
0
vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 9C9B 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1359358010970731&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3749406522&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=17802A2D-DA1A-481F-A706-ED5BE598022E&nel=1&eid=44750604%2C44752657&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&dlt=1641828954568&idt=3779&dt=1641828966897&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=3554458940161465&ged=ve4_td12_tt10_pd12_la12000_er8156.475.8315.781_vi0.0.1200.1600_vp0_ts8_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
g
capi.connatix.com/rtb/ Frame 3C9B 		468 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
cde656a12f1ed0da35a8dd07f29c366ac443fc6f12239869036f0f776440d08d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:06 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
340
integrator.js
adservice.google.com/adsid/ Frame 3C9B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame EC1E 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1359358010970731&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2575873076&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=0300AAAF-7E8C-485C-A53A-4E8BD8B605F9&nel=1&eid=44750604&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=about%3Ablank&dlt=1641828954740&idt=4432&dt=1641828966982&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=135868956626954&ged=ve4_td12_tt10_pd12_la12000_er1664.502.1823.808_vi0.0.1200.1600_vp0_ts7_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 10 Jan 2022 15:36:07 GMT
content-length
0
vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 8989 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1359358010970731&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3790153939&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=8C003BA7-F2EB-4E05-A52C-8024E13FDF4B&nel=1&eid=420706097%2C44750604%2C44750823&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&dlt=1641828954568&idt=3816&dt=1641828968397&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=1214866460228584&ged=ve4_td13_tt11_pd13_la13000_er8156.475.8315.781_vi0.0.1200.1600_vp0_ts7_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 3C9B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 5F3B 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1359358010970731&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=4005993418&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=F7541C89-DB31-4253-9C98-A0E4DBEB93FD&nel=1&eid=44750604%2C44752657&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=about%3Ablank&dlt=1641828954740&idt=4317&dt=1641828968980&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=131926083500669&ged=ve4_td14_tt12_pd14_la14000_er1664.502.1823.808_vi0.0.1200.1600_vp0_ts8_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=3032.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958508&de=80176946616&cu=1641828958508&m=10835&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=3032.515625&lb=13953&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=2%3A2%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10175&cd=332&ah=10175&am=332&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A5813719%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=797071516&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2886.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958583&de=318595127800&cu=1641828958583&m=10762&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2886.515625&lb=13953&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=2%3A2%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10144&cd=311&ah=10144&am=311&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A5856622%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=1330769374&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=3105.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958596&de=280257727663&cu=1641828958596&m=10750&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=3105.515625&lb=13953&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=2%3A2%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10136&cd=314&ah=10136&am=314&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A5763777%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=1260500725&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2594.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958608&de=891387009598&cu=1641828958608&m=10739&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2594.515625&lb=13953&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=2%3A2%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10134&cd=318&ah=10134&am=318&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A6589296%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=1688275715&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2813.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958616&de=386977822700&cu=1641828958616&m=10753&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2813.515625&lb=13953&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=2%3A2%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10158&cd=322&ah=10158&am=322&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A6489770%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=1128192425&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2667.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958625&de=868605631901&cu=1641828958625&m=10745&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2667.515625&lb=13953&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=2%3A2%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10158&cd=328&ah=10158&am=328&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A6584147%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=335971306&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2740.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958633&de=744470761490&cu=1641828958633&m=10739&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2740.515625&lb=13953&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=2%3A2%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10159&cd=345&ah=10159&am=345&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A6501932%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=973233680&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:09 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2959.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958641&de=524359301179&cu=1641828958641&m=10732&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2959.515625&lb=13953&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=2%3A2%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10159&cd=353&ah=10159&am=353&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A6589181%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=757187475&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:09 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:09 GMT
abt
capi.connatix.com/tr/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:09 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
st
capi.connatix.com/tr/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:09 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
abt
capi.connatix.com/tr/ Frame 3C9B 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/abt?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:10 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
st
capi.connatix.com/tr/ Frame 3C9B 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=144775
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.50.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-50-229.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Mon, 10 Jan 2022 15:36:10 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame A657 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1359358010970731&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2275327886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=E7BA1B30-65FC-4940-AE8C-F6022E62E5B5&nel=1&eid=44750604%2C44750822&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&dlt=1641828954568&idt=3743&dt=1641828972902&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=3969452568153640&ged=ve4_td18_tt16_pd18_la18000_er8156.475.8315.781_vi0.0.1200.1600_vp0_ts10_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 3C9B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame B0DE 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1359358010970731&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2741841703&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=ABC5C6E5-ED3C-44B8-97F6-DE2E282980C5&nel=1&eid=44737473%2C44750604%2C44750824&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=about%3Ablank&dlt=1641828954740&idt=4359&dt=1641828973478&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=925747541370795&ged=ve4_td18_tt16_pd18_la18000_er1664.502.1823.808_vi0.0.1200.1600_vp0_ts10_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.494.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 15:36:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=3032.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958508&de=80176946616&cu=1641828958508&m=15859&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=3032.515625&lb=13953&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=2%3A2%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15200&cd=10175&ah=15200&am=10175&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A5813719%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=936223685&cs=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 15:36:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 15:36:14 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 15:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 9C9B 		0
0
pixel.gif
px.moatads.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
Domain
media.crooksandliars.com
URL
https://media.crooksandliars.com/2022/01/49279.mp4_high.mp4
Domain
pubads.g.doubleclick.net
URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C1010624%2FCNXORTEST%2F8566&description_url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1359358010970731&cust_params=domains%3Dcrooksandliars.com&ad_type=video&sdkv=h.3.494.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=3749406522&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.494.0&sid=17802A2D-DA1A-481F-A706-ED5BE598022E&nel=1&eid=44750604%2C44752657&top=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&url=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&loc=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&dlt=1641828954568&idt=3779&dt=1641828974403&cookie=ID%3D3e7e576597cad971%3AT%3D1641828955%3AS%3DALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg&scor=1385050033101366&ged=ve4_td19_tt17_pd19_la19000_er8156.475.8315.781_vi0.0.1200.1600_vp0_ts7_eb16491
Domain
px.moatads.com
URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=1&pxm=&sgs=3&vb=13&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=REVCONTENT_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-mK3eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-tdBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-lQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=68&w=105&fy=1060&gp=2886.515625&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&id=1&ii=4&f=0&j=&t=1641828958583&de=318595127800&cu=1641828958583&m=15790&ar=cc97a930ec1-clean&iw=bdef476&cb=0&ym=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=2886.515625&lb=13953&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1370%3A1370%3A0%3A1579&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=2%3A2%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15173&cd=10144&ah=15173&am=10144&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=144849%3A167087%3A5856622%3Aundefined&bo=undefined&bd=undefined&gw=revcontentdisplay556968265165&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195926&na=2089755290&cs=0

Verdicts & Comments Add Verdict or Comment

436 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 object| 54 object| 55 object| 56 object| 57 object| 58 object| 59 object| 60 object| 61 object| 62 object| 63 object| 64 object| 65 object| 66 object| 67 object| 68 object| 69 object| 70 object| 71 object| 72 object| 73 object| 74 object| 75 object| 76 object| 77 object| 78 object| 79 object| 80 object| 81 object| 82 object| 83 object| 84 object| 85 object| 86 object| 87 object| 88 object| 89 object| 90 object| 91 object| 92 object| 93 object| onsecuritypolicyviolation object| onslotchange function| admiral object| googletag number| IsClAdmSub object| dataLayer undefined| resource undefined| script function| gtag object| ClLazyLoad object| Insticator function| fbq function| _fbq function| OneSignal object| propertag function| cnx function| cnxps object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| yappaapp number| sc_project number| sc_invisible string| sc_security string| scJsHost object| google_tag_data object| gaGlobal string| GoogleAnalyticsObject function| ga function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _mgIntExchangeNews object| MarketGidInfC1105644 function| MarketGidCContextBlock1105644 function| MarketGidCMainBlock1105644 function| MarketGidCInternalExchangeBlock1105644 function| MarketGidCRejectBlock1105644 function| MarketGidCCriteoBlock1105644 function| MarketGidCInternalExchangeLoggerBlock1105644 function| MarketGidCObserverBlock1105644 function| MarketGidCSendDimensionsBlock1105644 function| MarketGidCRtbBlock1105644 function| MarketGidCIframeSizeChangerBlock1105644 function| MarketGidCContentPreviewBlock1105644 function| MarketGidCResponsiveBlock1105644 boolean| mg_loaded_696576_1105644 number| __oneSignalSdkLoadCount function| __jp0 function| _statcounter object| AdmiralGrid object| webpackChunk_cl_theme21 object| CLAdmiral object| CLAMItems object| AdManager object| CL function| showAdmiralLogin object| _icesc number| infolinks_pid object| gaplugins object| gaData object| FB boolean| payload_loaded function| onYouTubeIframeAPIReady object| cnx_usr_storage object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| properSpecialOps object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device string| SYNC_ENDPOINT string| NON_MEASURABLE string| ENDPOINT_TEST number| accountId string| nm_div object| nm_script object| __twttrll object| twttr object| __twttr object| core object| InsticatorCommenting object| regeneratorRuntime function| 4dm1r11545242527 object| bouncex string| proper_ad_page_uuid string| requestType number| timeout boolean| edge string| bidder boolean| withCredentials function| proper_40a28e0d_3eb0ed54_1 function| proper_39155b29_4b28ae57_2 string| proper_ad_session_uuid function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| $iceboot object| INFOLINKS object| InsticatorApp string| insticatorHeaderCodeVersion object| instBid undefined| isChrome undefined| stackLineNum undefined| stackLineString undefined| errorLoc undefined| errorMsg object| ads_list object| embeds_list boolean| isPageviewSent boolean| insticatorIframeLoaded object| confiant object| InsticatorXmess string| placementId object| apstag string| x function| proper_f45d2b45_c371f1bb_3 object| wpJsonRciWidget object| ua_result function| __NEXT_PRELOADREADY object| revcontent function| renderRCWidget object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| PWT string| partnerName string| key object| __connect function| _typeof object| $ice object| $infolinks function| instBidChunk boolean| apstagLOADED function| dspCriteoRTUSCallback object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_638254 object| closure_lm_460109 object| closure_lm_505717 function| splitIndexSlots function| isSameSlot function| clearTargeting function| cygnus_index_judge function| cygnus_index_parse_res function| cygnus_index_set_targets function| cygnus_log function| index_render function| cygnus_copy function| getSlotInfo number| cygnus_tid object| index_slot_to_size object| index_slots_render object| index_slots_add number| $iceId object| sizes object| google_llp object| closure_lm_582884 object| ats object| ID5 number| google_lpabyc object| closure_lm_903407 undefined| $ function| jQuery function| close_bouncex_ad boolean| isCommentingRequested object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| $SO undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA object| vttjs function| WebVTT number| vdata1641828958852 function| ILVideo function| Moat#PSCB_1d37-1268-184e-1877_20824167 function| MoatPxIOPT53374808 function| Moat#PSCB_1d37-1268-184e-1877_65047532 function| MoatPxIOPT71277434 function| Moat#PSCB_1d37-1268-184e-1877_95283357 function| MoatPxIOPT28533011 function| Moat#PSCB_1d37-1268-184e-1877_70194351 function| MoatPxIOPT23790535 function| Moat#PSCB_1bc6-1781-1531-1e16_57506277 function| MoatPxIOPT33533686 function| Moat#PSCB_1bc6-1781-1531-1e16_93907102 function| MoatPxIOPT27506004 function| Moat#PSCB_1bc6-1781-1531-1e16_19611338 function| MoatPxIOPT25280431 function| Moat#PSCB_1bc6-1781-1531-1e16_64807412 function| MoatPxIOPT60466272 function| Moat#PSCB_1882-191b-140a-1a3d_30789110 function| MoatPxIOPT75301933 function| Moat#PSCB_1882-191b-140a-1a3d_86454358 function| MoatPxIOPT83781438 function| Moat#PSCB_1882-191b-140a-1a3d_11838343 function| MoatPxIOPT34328940 function| Moat#PSCB_1882-191b-140a-1a3d_2956455 function| MoatPxIOPT46094834 function| Moat#PSCB_1a2f-12b9-13ad-13f8_76939896 function| MoatPxIOPT47088569 function| Moat#PSCB_1a2f-12b9-13ad-13f8_3339760 function| MoatPxIOPT93431148 function| Moat#PSCB_1a2f-12b9-13ad-13f8_1251596 function| MoatPxIOPT99093966 function| Moat#PSCB_1a2f-12b9-13ad-13f8_31154021 function| MoatPxIOPT55705268 function| Moat#PSCB_163e-19ac-16e6-102e_79887458 function| MoatPxIOPT46599353 function| Moat#PSCB_163e-19ac-16e6-102e_50540933 function| MoatPxIOPT82962422 function| Moat#PSCB_163e-19ac-16e6-102e_40160431 function| MoatPxIOPT12681025 function| Moat#PSCB_163e-19ac-16e6-102e_95909821 function| MoatPxIOPT42066498 function| Moat#PSCB_1280-1163-10bb-16ba_56569952 function| MoatPxIOPT84692100 function| Moat#PSCB_1280-1163-10bb-16ba_87517794 function| MoatPxIOPT52198846 function| Moat#PSCB_1280-1163-10bb-16ba_3296407 function| MoatPxIOPT50514505 function| Moat#PSCB_1280-1163-10bb-16ba_61075884 function| MoatPxIOPT65111895 function| Moat#PSCB_1d4c-170c-11d7-1612_37237860 function| MoatPxIOPT2867125 function| Moat#PSCB_1d4c-170c-11d7-1612_28969976 function| MoatPxIOPT39003304 function| Moat#PSCB_1d4c-170c-11d7-1612_87464400 function| MoatPxIOPT82409390 function| Moat#PSCB_1d4c-170c-11d7-1612_49575448 function| MoatPxIOPT38257978 function| Moat#PSCB_1c38-1d06-14f8-1fbb_48158205 function| MoatPxIOPT78440570 function| Moat#PSCB_1c38-1d06-14f8-1fbb_45544462 function| MoatPxIOPT10746319 function| Moat#PSCB_1c38-1d06-14f8-1fbb_19216673 function| MoatPxIOPT69956843 function| Moat#PSCB_1c38-1d06-14f8-1fbb_93959621 function| MoatPxIOPT65420580 object| Adform boolean| __adform_onload function| ADFReload function| ADFCall function| ADFcall object| onClickExcludes function| mgReject1105644 function| mgLoadAds1105644_06b83 function| MarketGidCReject1105644 function| MarketGidLoadGoods1105644_06b83 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint696576 string| _mgPvid boolean| _mgPageView696576 object| admrlWpJsonP function| LoadCriteoAllPlaces1105644_06b83 boolean| i.js.loaded boolean| i-noref.js.loaded function| cnxAddEventListener

213 Cookies

Domain/Path Name / Value
crooksandliars.com/2022/01 Name: __clauid
Value: MTczNDQwIA%3D%3D+b8a8668cbde0599e3e7666b3ccca6be4
crooksandliars.com/2022/01 Name: logglytrackingsession
Value: 6307f7c2-28ee-46e9-85fd-ccb92765edcd
crooksandliars.com/2022/01 Name: __clauid2
Value: 173440
.3lift.com/sync Name: sync
Value: CgoIgQIQkKGHpeQvCgoI4gEQkKGHpeQvCgoI5gEQkKGHpeQvCgoIhwIQkKGHpeQvCgkICRCQoYel5C8KCQg6EJChh6XkLwoJCAsQkKGHpeQvCgoIjAIQkKGHpeQvCgoIngIQkKGHpeQvCgkIXxCQoYel5C8=
.mrtnsvr.com/sync Name: userId
Value: BARgT424p
.yappaapp.com/ Name: __cf_bm
Value: NpSuTg9eC4CaATSRSsxmcG2ppZB0.QcqiWIOvhxFojw-1641828954-0-AUQBJKZVYvRidauNPfGO5zl5Rr8O8nLjXQb8CkaoD3A1CKLLEsYW9UyXZ1yOPe/rE1MmdjEevaml9ZklDJnMdvc=
.mgid.com/ Name: __cf_bm
Value: yd28WMdl4qywDklrTs4mrJafSj2Y5XCs15JOUAXBw20-1641828954-0-AecF++Bl4ZJNfhjcTueID5VUyamyAEuvOi587xjyteT6Ux3DtHUbwlLYlIDeYcyGcs47/AS9sBTD6pC/nlgBeXs=
.crooksandliars.com/ Name: _ga_MBSB7S97P1
Value: GS1.1.1641828954.1.0.1641828954.0
.crooksandliars.com/ Name: sc_is_visitor_unique
Value: rx8624509.1641828955.51CEE18D82BF4F48624BFF276042743F.1.1.1.1.1.1.1.1.1
.crooksandliars.com/ Name: _ga
Value: GA1.2.228879631.1641828955
.crooksandliars.com/ Name: _gid
Value: GA1.2.1682051791.1641828955
.crooksandliars.com/ Name: _gat_gtag_UA_2640119_1
Value: 1
.statcounter.com/ Name: is_unique
Value: sc8624509.1641828955.0
.crooksandliars.com/ Name: _fbp
Value: fb.1.1641828955226.586649544
.facebook.com/ Name: fr
Value: 0iXe2ZvrSojRQaDLV..Bh3FJb...1.0.Bh3FJb.
crooksandliars.com/ Name: _lr_retry_request
Value: true
crooksandliars.com/ Name: _lr_env_src_ats
Value: false
crooksandliars.com/ Name: InstiSession
Value: eyJpZCI6IjI1MjA5MmIyLTg2YjItNDYwZC1iMjk3LTUzN2Y3N2QwMjk2YSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
.bidswitch.net/ Name: tuuid
Value: d0773446-703e-4748-9935-7778e55be987
.bidswitch.net/ Name: c
Value: 1641828955
.bidswitch.net/ Name: tuuid_lu
Value: 1641828955
.yahoo.com/ Name: A3
Value: d=AQABBFtS3GECEBuhIFI8ZEWzkt6hC7FQIRgFEgEBAQGj3WHmYQAAAAAA_eMAAA&S=AQAAAj98Sec2Uwl8lfaxUS7CUsg
embed.crooksandliars.com/ Name: clmedia
Value: s%3Ai3TxvPOBU6lJf7yErIqRQvkk0wyublbh.wRBT%2BHdvpp9ayZyOsORuED5zIF1XpFf%2BLEJ9MnUcCuU
.adnxs.com/ Name: uuid2
Value: 1899464560870372694
.crooksandliars.com/ Name: bounceClientVisit3601v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgMYBOA9uQNYoCGAdgCZgCWtpKAdMeQLZG4ADLlxFBARiIAjBvXL0AtCgUMELBQDdaADwU9SpAKYoI8xofoIFUsLV7GFcFihAAaEKRggQAXyA
.quantserve.com/ Name: mc
Value: 61dc525b-a22b8-31f08-27945
crooksandliars.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.crooksandliars.com/ Name: _pubcid
Value: 94ef7167-44e2-4f9b-a8f8-c7b1073b8734
.rubiconproject.com/ Name: khaos
Value: KY8UKI0F-Q-BGJM
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvY4NyLqsLINffPD0ndRTZPwOWBzr4eVPwTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdUyQJYykllPZjhEHJw9y7GDs9f
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoMIFZhaCMr9v+oE/PhLWQEKtLvkckcz9ur5SX0FILXDMd40EP9Wv79tm9LDVSZAufE0zbIAojM4uCAnekPgJibWwUZhu5bAzzc6UO785F0Pw==
crooksandliars.com/ Name: hb_insticator_uid
Value: 0cf87ec8-f669-4bc0-9e9d-61689914b320
.infolinks.com/ Name: cuid
Value: 956f5385-730f-4e3d-9c27-358a89931c92
.adnxs.com/ Name: icu
Value: ChgIid5REAoYASABKAEw26TxjgY4AUABSAEKGAjQkHIQChgBIAEoATDbpPGOBjgBQAFIARDbpPGOBhgB
.crooksandliars.com/ Name: __qca
Value: P0-882604230-1641828955639
.proper.io/ Name: mediagrid
Value: d0773446-703e-4748-9935-7778e55be987
.proper.io/ Name: verizon_media
Value: y-nIqaC_JE2uHOcqtTwZjkOJCzLXwPa0Ku~A
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGNMdmUvl3ZxGQskJGpgd1xIFt87TMBs-LTKtZrofXbc4
.go.sonobi.com/ Name: HAPLB5A
Value: s56128|YdxSX
crooksandliars.com/ Name: sharedid
Value: %7B%22id%22%3A%2201FS2A3DYDZW79NB1814R0KWW8%22%2C%22ts%22%3A1641828956109%2C%22ns%22%3Atrue%7D
crooksandliars.com/ Name: sharedid_last
Value: Mon%2C%2010%20Jan%202022%2015%3A35%3A56%20GMT
.gumgum.com/ Name: vst
Value: e_a73c0d32-819b-4f18-9dc1-656ab6e23ca9
prebid.a-mo.net/ Name: __amc
Value: 1_1641828956_1641828956
crooksandliars.com/ Name: cto_bidid
Value: SdnNiV9pWkd0NHpjZUthbmp0SVBZaGtOU3JydDM2SUhQSEFVeFNUampWTFA1Q2JpWSUyRnNocGh5Z0dhcG9teFQ3eWM3N3paZXgwQnE1dmVmJTJCWktGdjhib3VjaUElM0QlM0Q
crooksandliars.com/ Name: cto_bundle
Value: 2l87Dl9adDNBUk5wTHdtQXRnTGxIVU8yaEpnd2puWjNXWUswb2syZUFvT1RkVURUSWFiZ3pEVGhOcmJpVk5BJTJGV1diY0tuR09GYW5rUldyVUNKcjUzNm1XQXQ1djg4aTFvcnNpSU9jR2dkQWE2Y3VPSmZ0OVZaVVpEeSUyRjVWMUZ5ck5nY0I
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.proper.io/ Name: __cf_bm
Value: nKzrkHlt7kk4Ge270YbT_SioHoJQvlNDx_J059yHwVI-1641828954-0-Ab9jow9IrdpCBW0C%2FH6x2Yu0Tl01h1f1Ffr6Rh%2F2zSipTKNWaqkYHdEcows58anfCiSldhxVhYSDbjJYQowF6uvcLmZehEVvc16p%2B2pA0t1J
.advertising.com/ Name: APID
Value: UP00faf6d4-722b-11ec-b92b-022355a5a232
.bounceexchange.com/ Name: bounceClientVisit3601c
Value: %7B%22vid%22%3A1641828956739119%2C%22did%22%3A%226726494317521215369%22%7D
.casalemedia.com/ Name: CMID
Value: YdxSXBt8uWyTtIAi9xXNZAAA
.casalemedia.com/ Name: CMPS
Value: 3237
.360yield.com/ Name: tuuid
Value: 0b41250e-3f31-4fd1-926c-4fe9710ed238
.360yield.com/ Name: tuuid_lu
Value: 1641828956
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E684F5E9-3B0B-4B8B-B14B-8556B772469D
.lijit.com/ Name: ljt_reader
Value: 30b961211246323ef130f0ec
.casalemedia.com/ Name: CMPRO
Value: 1142
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-XrJM4dFE2uHSnpP6VhPvkeyoc6u1ii50hlJFWjM-~A
.doubleclick.net/ Name: IDE
Value: AHWqTUmbOjxRAWKDXQ-4Dd7y90LJ4pucYT6E81l8wWaJV2L6DhzMe7dFCqgr8JJkdYs
.adsrvr.org/ Name: TDID
Value: 200dd76c-6183-49d6-9fb9-08410ca8a1c3
.crooksandliars.com/ Name: __gads
Value: ID=3e7e576597cad971:T=1641828955:S=ALNI_Mb-g-aisSADHlzIcH_gZBftKV8cmg
.cpx.to/ Name: cpSess
Value: 3564334653310ec
.cpx.to/ Name: dsp_app_nexus
Value: 1899464560870372694#1641828957200
.infolinks.com/ Name: ANUSERCOOKIE
Value: 1899464560870372694
.yahoo.com/ Name: APID
Value: UP00faf6d4-722b-11ec-b92b-022355a5a232
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: PUBMDCID
Value: 3
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: 30b961211246323ef130f0ec
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjIwtLQ0NrEwsDA1MDEyNTcwMRDiM9TNDbEM0C0rCHA2zqoEAFwQBQslAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjIwtLQ0NrEwsDA1MDEyNTcwMRDiM9TNDbEM0C0rCHA2zqqU4jU0MzG0MLKwNDU3NTEAAMAZyO00AAAA
.infolinks.com/ Name: IMDUSERCOOKIE
Value: 0b41250e-3f31-4fd1-926c-4fe9710ed238
.crooksandliars.com/ Name: properSessionData
Value: eyJ1dWlkIjoiMTJlMmY5YzItNDMzMS00ZTUzLWExNzUtZTM2YTljNDE3MTU1IiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLjAwMDExLCJiaWRfYXZnIjp7fX0=
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-HvlR7iBE2uHGN6hmPN2mZmQzm9eAPz9E~A~UP00faf6d4-722b-11ec-b92b-022355a5a232
crooksandliars.com/ Name: _lr_geo_location
Value: DE
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: E684F5E9-3B0B-4B8B-B14B-8556B772469D
.crooksandliars.com/ Name: _gat_gtag_UA_2640119_6
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003%22%7D
.infolinks.com/ Name: IXUSERCOOKIE
Value: YdxSXBt8uWyTtIAi9xXNZAAA&1142
crooksandliars.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22200dd76c-6183-49d6-9fb9-08410ca8a1c3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-12-10T15%3A35%3A57%22%7D
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 2019934808504257040
ssp.behave.com/ Name: tuuid
Value: 98c17a8d-e56c-47d3-9535-181c83a948ee
ssp.behave.com/ Name: c
Value: 1641828958
ssp.behave.com/ Name: tuuid_lu
Value: 1641828958
.infolinks.com/ Name: KADUSERCOOKIE
Value: E684F5E9-3B0B-4B8B-B14B-8556B772469D~1641829044438
.yappaapp.com/ Name: _ga
Value: GA1.2.1590539365.1641828958
.yappaapp.com/ Name: _gid
Value: GA1.2.1970791673.1641828958
.yappaapp.com/ Name: _gat_gtag_UA_65028971_4
Value: 1
.crooksandliars.com/ Name: panoramaId_expiry
Value: 1641915357908
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
.adform.net/ Name: uid
Value: 563268403423191541
.adform.net/ Name: TPC
Value: 1641828958184
.doubleclick.net/ Name: DSID
Value: NO_DATA
.taboola.com/ Name: t_gid
Value: d597ba91-ae8e-4b9c-8974-0a6aae682d94-tuct8d5d7de
.adfarm1.adition.com/ Name: UserID1
Value: 7051601680259414171
.erne.co/ Name: u
Value: mtoD5EyevcP1gN00aHF9YISn
.onaudience.com/ Name: cookie
Value: 13e38d5abdd85fcc
.onaudience.com/ Name: done_redirects219
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-mtoD5EyevcP1gN00aHF9YISn
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YdxSXgAElBbmSAAm
.mathtag.com/ Name: uuid
Value: ee3861dc-525e-4500-ba51-154383c5c538
.simpli.fi/ Name: suid
Value: 28A9F7F7046F40DD8AD113074412F1AD
.turn.com/ Name: uid
Value: 6947168936938911157
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1899464560870372694&KRTB&23339-1899464560870372694
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-XFztm19fvJpHDLvKCFWky1sLucBHX77BXlj5paDe&KRTB&19420-XFztm19fvJpHDLvKCFWky1sLucBHX77BXlj5paDe&KRTB&22979-XFztm19fvJpHDLvKCFWky1sLucBHX77BXlj5paDe
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKTT7TCCLRZc_eTUgY08CLI&KRTB&16514-CAESEKTT7TCCLRZc_eTUgY08CLI&KRTB&23025-CAESEKTT7TCCLRZc_eTUgY08CLI
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7051601680259414171
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-200dd76c-6183-49d6-9fb9-08410ca8a1c3&KRTB&22918-200dd76c-6183-49d6-9fb9-08410ca8a1c3&KRTB&23031-200dd76c-6183-49d6-9fb9-08410ca8a1c3
.bidr.io/ Name: bito
Value: AAF_dE7DuKUAAEFooMAXfw
.bidr.io/ Name: bitoIsSecure
Value: ok
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YdxSXgAElBbmSAAm&KRTB&22978-YdxSXgAElBbmSAAm&KRTB&23194-YdxSXgAElBbmSAAm&KRTB&23209-YdxSXgAElBbmSAAm
.de17a.com/ Name: guid2
Value: 1.4697919638350014267
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-563268403423191541&KRTB&23263-563268403423191541
.crooksandliars.com/ Name: fc
Value: %7B%22NDI0fmFwaS5hcHB0YXAuY29t%22%3A%221%3A1641828959208%22%7D
.crooksandliars.com/ Name: pv
Value: %7B%22d%22%3A%221%3A1641828959209%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:ee3861dc-525e-4500-ba51-154383c5c538&KRTB&16736-uid:ee3861dc-525e-4500-ba51-154383c5c538&KRTB&23019-uid:ee3861dc-525e-4500-ba51-154383c5c538&KRTB&23208-uid:ee3861dc-525e-4500-ba51-154383c5c538
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-6947168936938911157
.tribalfusion.com/ Name: ANON_ID
Value: aHntmIolXVjQuWx7J3gZalvo5rOtAKYHflIkCbKMWn7mZajC1qPXdcidorKaR56ZaaiRZa3qaaQUrKMepMSZbQd8bAjSe
.infolinks.com/ Name: tv
Value: |NDI0fmFwaS5hcHB0YXAuY29t~1
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-e72ddd07-3f01-4cbe-916a-c61e06ab6cd8-003
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjn6jXVzZXJNYXRjaGluZ0lkJLqRbGFzdERyb3BUaW1lTWlsbGlzJQE/ERQcNLiYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBPxEUHDS4j3RoaXJkUGFydHlVc2VySWRjZDA3NzM0NDYtNzAzZS00NzQ4LTk5MzUtNzc3OGU1NWJlOTg3+/uGdmVyc2lvbsL7
ads.playground.xyz/ Name: connect.sid
Value: s%3A_i_gTlRReVnScoCyvkAV8DKDHKVqoNQU.d46jmRZ%2F4fY8DjvdlYT%2F4Our9EuXH9co44c6EA4Udyw
.crooksandliars.com/ Name: _gat_Insticator_Embed_v4
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 3a94958b-0851-40c1-ac07-d6206c9c3ba5.411042959
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4697919638350014267
.zeotap.com/ Name: zc
Value: dbf1dfc7-c982-4a77-5c87-d7146f2213f0
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d0773446-703e-4748-9935-7778e55be987
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ddf32213-502f-4966-72ee-5512f4fc869f.Wy3oWIWcrTw47bci033yMFsRLh9%2BQQbaDQ1bUNGNKxY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-ddf32213-502f-4966-72ee-5512f4fc869f%24ip%24193.27.14.43.5fJ9%2BfW6UN1SYNS2SFNqiv2F6ZUqOpXXIZ9s6rOmKLk
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-3fMiE1AvSWZy7lUS9PyGn8EbDis
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.creativecdn.com/ Name: ts
Value: 1641828960
.creativecdn.com/ Name: u
Value: geJsLSnkhaNu0i8XlHkg
sync.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: ACzM3Tf-N0gXLkvK
.a-mo.net/ Name: amuid2
Value: ed09afd3-c9f1-4a43-8ab5-b0f0d8220ec9
ssp.behave.com/ Name: um2
Value: !2,d0773446-703e-4748-9935-7778e55be987,411107760
.admanmedia.com/ Name: admtr
Value: 18e646373b7f9f7e6fd2a32fa3ae10c0d31399c8
.ipredictive.com/ Name: cu
Value: 033b22e7-722b-11ec-9250-59e8f3a3eea6|1641828960501
.sportradarserving.com/ Name: zuuid
Value: e3ddabf9-0695-4a08-8cde-44688370592d
.sportradarserving.com/ Name: c
Value: 1641828960
.sportradarserving.com/ Name: zuuid_lu
Value: 1641828960
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: a2d7634d1745277f
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1641828960
.quantserve.com/ Name: d
Value: EMIBEgGVJfijC_vLEA
.eqads.com/ Name: EQUser
Value: UID=2dfae52f-ce33-4f9b-a184-ace0ba3199f5
.mathtag.com/ Name: mt_mop
Value: 9:1641828962
.crooksandliars.com/ Name: _awl
Value: 2.1641828960.0.5-dcdc6a76d6970775548c47a3a83d8cd5-6763652d6575726f70652d7765737431-0
.zeotap.com/ Name: zsc
Value: %23e%F0%03%17%3C%B9%EC%18%8F%81%CC%EE_C%F3j%3C%AB%81%A6Z%D2%0C%EF%D1%CB%AA%E2%CD%01%A6%BFsn%D8%F6%87y%CF%A5Y%1D%DE9%DF%E2%97%CA%AAD~%7C9%B6%83%21%0E%EE%8E%D0%0Dj%93h%1E_%B3T+%7Dw%FA%94%21%9D%0A2%07%1C%23%03%DC%97%D7%FB%B4%92%B1%06%96%9D%81%E2%CB%5B%DB6h%10%F1%A4%EFg%18%E0%01%10%1A%F6%BC%92%9A%E3%293%2A%D9%BABM-%B9%9A%82J%BE8%12%D7%17%A3%D8%80%7F%AA%3B%12%0F%AB%BC7%AAmSO%2C%87%EF%81%13%0E%92%F5%1D%3D%13%C3%1D%F9%09%A3%1AJ%BC%5DI%04%B4CYg
.pubmatic.com/ Name: DPSync3
Value: 1642982400%3A227_235_219_201_197_221_226%7C1641859200%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1642636800%3A63%7C1643068800%3A35%7C1642982400%3A176_22_104_8_166_81_230_233_3_99_7_238_161_204_189_56_165_13_220_231_71_55_54_5_57_88_222_234_21%7C1642377600%3A2_15_223%7C1646956800%3A69%7C1644364800%3A203
.3lift.com/ Name: tluid
Value: 2005169517770513691
.w55c.net/ Name: wfivefivec
Value: HDIcC3QZ1N6WIi5
.mgid.com/ Name: muidn
Value: m0a2f40isxA7
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmJoYWRhaWZkbmGwigXON7U0sDBfJY7gm5uaGAAAdAvLGDAAAAA
.w55c.net/ Name: matchpubmatic
Value: 5
.tapad.com/ Name: TapAd_TS
Value: 1641828962887
.tapad.com/ Name: TapAd_DID
Value: 5cee30e4-3772-42d2-a35e-93162edcdcbd
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:HDIcC3QZ1N6WIi5
.fiftyt.com/ Name: fifid
Value: 2d8b93c5-d2b5-4e17-7f6e-ebfbd5688767
.w55c.net/ Name: matchcasale
Value: 5
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.richaudience.com/ Name: avcid-zeo-uid
Value: dbf1dfc7-c982-4a77-5c87-d7146f2213f0
.weborama.fr/ Name: AFFICHE_W
Value: SJqLKpy@6rxI34
.theadex.com/ Name: axd
Value: 4282649396725002305
.theadex.com/ Name: tis_ogL
Value: ogLeAswv
.demdex.net/ Name: demdex
Value: 73768553528570853683098214790666120184
.semasio.net/ Name: SEUNCY
Value: CFF6BD7CAAE7B77
.pubmatic.com/ Name: pi
Value: 160318:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-033b22e7-722b-11ec-9250-59e8f3a3eea6&KRTB&23011-033b22e7-722b-11ec-9250-59e8f3a3eea6
.pubmatic.com/ Name: PugT
Value: 1641828963
.fiftyt.com/ Name: cs
Value: MTY0MTgyODk2M3xEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fEMyxWb-VaUz37UtmsMLGjwPrhiw56PJwjIOooTl133T
.fiftyt.com/ Name: fppm
Value: 20220110153603
.casalemedia.com/ Name: CMST
Value: YdxSXGHcUmMA
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiC35nrnZaqOhAFGAEgASgCMgsI3LC4wbSWqjoQBTgBWgdzaXJuc3ZnYAI.
.bing.com/ Name: MUID
Value: 19104C4318A6671E095C5D6B1974667A
.owneriq.net/ Name: si
Value: Q6951153631002470371
.owneriq.net/ Name: p2
Value: cc
.agkn.com/ Name: ab
Value: 0001%3AkMcY1%2BCqdwfa07G4eoNytJPYKGMTxCGA
.tidaltv.com/ Name: tidal_ttid
Value: efb5d118-3534-4068-a39b-033391ab0e99
.dpm.demdex.net/ Name: dpm
Value: 73768553528570853683098214790666120184
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&be33180e-4800-4cc1-80eb-19e32ecb853e"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDE4Mjg5NjM7MjswMjER+ku3FRN9ZgDSKFLlTUk0calE6GrptRSym299krJPDg==
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2277:u=1:x=1:i=1641828963:t=1641915363:v=2:sig=AQH5LU0E8lMWB1lAdw8wVxkDG7t9hdvj"
.analytics.yahoo.com/ Name: IDSYNC
Value: "190z~22l3:192u~22l3:18xp~22l3:18z8~22l3:1969~22l3:18z9~22l3"
.yahoo.com/ Name: APIDTS
Value: 1641828963
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0srQ0tjK0MAIAlJrThQkAAAA="
.crooksandliars.com/ Name: _admrla
Value: 2.2-9147bd1fd0f18dd3-04bd28de-722b-11ec-8115-89609121835c
.fwmrm.net/ Name: _uid
Value: "e3b4b_7051601701711027874"
servicer.mgid.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
.undertone.com/ Name: UID_EXT_56
Value: $y-XrJM4dFE2uHSnpP6VhPvkeyoc6u1ii50hlJFWjM-~A
.krxd.net/ Name: _kuid_
Value: Ol--vPwJ
.undertone.com/ Name: UID_EXT_55
Value: $UID/no-consent
.undertone.com/ Name: UID_EXT_53
Value: E684F5E9-3B0B-4B8B-B14B-8556B772469D
.casalemedia.com/ Name: CMRUM3
Value: bc61dc526105a00&2961dc526105a0&5161dc52612760VrfcelW0jXtN54orAr6VKlHgiCFNtI8gVLMdo9-_&3961dc526227602019934808504257040&6f61dc526005a0&1f61dc526205a00&c361dc52632760av-63fc2f0c-9e4d-481a-97d0-e04bf5c7691a&ce61dc526205a0&3361dc526205a0&2761dc525c0b40&5a61dc526005a0&0461dc526127606947168936938911157&0561dc526005a0&bf61dc525c05a0&b061dc526205a00&6961dc526205a0&4161dc526005a0&2861dc526227602dfae52f-ce33-4f9b-a184-ace0ba3199f5&2f61dc52632760HDIcC3QZ1N6WIi5&f161dc526205a0&4061dc52622760no-consent&2d61dc525e2760CAESECRnvGpQ31a66EFFmekFnmA&4961dc526005a0&da61dc525c2760&c461dc526005a0&0361dc52612760ee3861dc-525e-4500-ba51-154383c5c538&e661dc52602760&9c61dc526205a00&8261dc5260a8c0&2e61dc526005a0&5861dc526005a0&9861dc526327604d82d812-27dc-4dae-bda6-170f06a7d781&0d61dc525c05a0
live.soapps.net/ Name: route
Value: 872bc5198f93a7f2c1a22140cd652841
crooksandliars.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1105644%22%3A%7B%22page%22%3A1%2C%22time%22%3A1641828964308%7D%7D
.eyeota.net/ Name: SERVERID
Value: 18663~DM
.pubmatic.com/ Name: SPugT
Value: 1641828964
.audrte.com/ Name: arcki2
Value: cf9M5H9UE4XSQSWg5jWxc27Ig!20210804!1641828964972
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 869932d30e106d0a3467deb1a3d587eb
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsDCztDQ2SjE2SDU0MEsxSDQ2MTNPSU0yTDROMbUwT01iAILEO0GpIBoKAEj3CqU%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIvBOUCqSgAAAYuwH1"

17 Console Messages

Source Level URL
Text
javascript warning URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his(Line 1279)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://crooksandliars.com/2022/01/bannon-s-anti-vax-correspondent-blames-his(Line 1279)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907(Line 237)
Message:
A preload for 'https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-5155643920455169&fa=1&ifi=11&uci=a!b&btvi=1
Message:
The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=dbf1dfc7-c982-4a77-5c87-d7146f2213f0&reqId=575ae0a0-5588-416f-6d65-7adf8c2cc58d&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ssum-sec.casalemedia.com/usermatch?s=$UID&cb=https://usr.undertone.com/userPixel/sync?partnerId=57&uid=$UID
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=BARgT424p&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c(Line 20)
Message:
A preload for 'https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript warning URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&extPageId=173440&contentId=68acbe83-2c92-47e9-b8ad-be33fc593fd4&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=886de358-7f35-4af0-b0c5-495d4ba57907
Message:
The resource https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fcrooksandliars.com%2F2022%2F01%2Fbannon-s-anti-vax-correspondent-blames-his&pageTitle=Bannon%E2%80%99s%20AntiVax%20%27Correspondent%27%20Blames%20COVID%20On%20Biden%2C%20BLM%2C%20Antifa%20%7C%20Crooks%20and%20Liars&integrationId=bf354797-2feb-4d2a-ad39-b31b027bc5f3&noAccelerate=true&sessionUUID=492cc403-c65c-41f6-9e6f-bd6520b35883&frameUuid=8de1105c-5af0-404b-8cd1-59428832380c
Message:
The resource https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.sportradarserving.com
a.tribalfusion.com
a4337.casalemedia.com
a5264.casalemedia.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.bounceexchange.com
api.rlcdn.com
as-sec.casalemedia.com
assets.bounceexchange.com
assets.newsmaxwidget.com
assets.revcontent.com
ats.rlcdn.com
aud.pubmatic.com
auth.instiengage.com
b1sync.zemanta.com
b2c.insticator.com
b2c.instiengage.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
bids.proper.io
blueamerica.crooksandliars.com
bn01.er.bemail.it
btlr.sharethrough.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.mgid.com
c.statcounter.com
c1.adform.net
capi.connatix.com
casale-match.dotomi.com
cd.connatix.com
cdn.ampproject.org
cdn.districtm.io
cdn.id5-sync.com
cdn.mgid.com
cdn.onesignal.com
cdn.syndication.twimg.com
cdn.undertone.com
cds.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cms.instiengage.com
comments.yappaapp.com
confiant-integrations.global.ssl.fastly.net
connect-metrics-collector.s-onetag.com
connect.facebook.net
conversations.yappaapp.com
core.iprom.net
creativecdn.com
crooksandliars.com
cs.admanmedia.com
cs.emxdgt.com
csync.loopme.me
d.adroll.com
d3lcz8vpax4lo2.cloudfront.net
d52bfc3189c2b6869880ca8c5fe84190.safeframe.googlesyndication.com
d5p.de17a.com
dclk-match.dotomi.com
de.tynt.com
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dmx.districtm.io
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb.proper.io
eb2.3lift.com
ecs.mantisadnetwork.com
embed.crooksandliars.com
embed.yappaapp.com
eua.instiengage.com
eus.rubiconproject.com
event.insticator.com
event.instiengage.com
events.bouncex.net
ex.ingage.tech
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
glisteningguide.com
global.proper.io
googleads.g.doubleclick.net
green.erne.co
gu.dyntrk.com
gum.criteo.com
hb.emxdgt.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.e-planning.net
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id.sharedid.org
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.getadmiral.com
images.newsmaxwidget.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
insticator-d.openx.net
insticator.technoratimedia.com
js-sec.indexww.com
js.cookieless-data.com
jsc.mgid.com
loadeu.exelator.com
mantodea.mantisadnetwork.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
media.crooksandliars.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
node221.impressionssl.adshop.infolinks.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onesignal.com
onetag-geo.s-onetag.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixel.yabidos.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prebid.a-mo.net
prod-static.yappaapp.com
product.instiengage.com
propermedia-d.openx.net
protected-by.clarium.io
ps.eyeota.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
resources.infolinks.com
router.infolinks.com
rt3042.infolinks.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s-img.mgid.com
s.amazon-adsystem.com
s.cpx.to
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
servicer.mgid.com
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
soapps.net
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp.behave.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
statcounter.com
static.adsafeprotected.com
static.instiengage.com
static.newsmaxfeednetwork.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
syndication.twitter.com
tag.1rx.io
tag.bounceexchange.com
tags.bluekai.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
trends.newsmaxwidget.com
u-ams02.e-planning.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
usr.undertone.com
usync.proper.io
vid.connatix.com
video.twimg.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
hbopenbid.pubmatic.com
media.crooksandliars.com
pubads.g.doubleclick.net
px.moatads.com
sync.adotmob.com
104.109.78.125
104.111.215.191
104.111.219.144
104.111.242.53
104.16.200.58
104.16.68.69
104.17.120.107
104.19.133.78
104.19.136.78
104.20.229.67
104.244.42.8
13.32.99.35
13.32.99.88
141.94.170.77
142.250.184.194
147.75.61.140
150.238.37.130
150.238.37.138
151.1.205.165
151.101.129.194
151.101.129.44
151.101.194.137
151.101.65.108
151.101.66.137
151.101.66.49
151.139.128.11
152.199.22.191
154.59.122.79
159.65.197.210
168.119.146.39
169.50.137.182
172.66.42.247
174.137.133.49
176.34.153.222
176.34.73.162
178.162.133.149
178.162.133.150
178.250.0.163
178.250.0.165
178.250.2.146
18.157.246.64
18.159.247.85
18.170.15.31
18.189.50.229
18.194.149.16
18.194.172.208
18.195.155.181
18.213.10.151
18.66.109.174
18.66.112.29
18.66.112.41
18.66.97.109
18.66.97.124
184.30.20.198
184.31.84.150
184.72.220.63
185.170.61.205
185.170.63.49
185.184.8.65
185.29.132.241
185.33.221.89
185.64.189.112
185.64.189.229
185.64.190.79
185.64.190.80
185.86.137.107
185.86.138.144
192.132.33.46
193.122.128.135
195.5.165.20
198.47.127.19
198.47.127.20
198.8.71.129
199.212.255.247
2.18.233.201
2.18.234.21
2.18.235.40
2.19.35.65
2001:678:cb4:bbbb::11
205.234.175.175
209.54.180.3
212.82.100.182
213.155.156.184
213.19.147.42
213.19.147.45
216.52.2.39
216.58.212.130
23.88.75.187
2600:1f18:6593:f602:8bd3:480b:a39:d536
2600:9000:223c:7400:1f:2473:9080:93a1
2600:9000:223c:c000:6:6801:f140:93a1
2600:9000:223d:3800:9:78a:e540:93a1
2600:9000:223f:5200:1c:386f:ec80:21
2600:9000:223f:6600:6:44e3:f8c0:93a1
2600:9000:223f:ba00:8:48e:53c0:93a1
2600:9000:2251:3e00:10:3422:3f00:21
2600:9000:225e:1200:17:5bae:c7c0:93a1
2600:9000:236e:3400:1a:5302:20c0:21
2602:803:c003:200::61
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:1ab3:789:1032:20e3:21
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1857
2606:4700:10::6816:b7
2606:4700:20::ac43:4a81
2606:4700:3031::ac43:d645
2606:4700:3034::6815:4466
2606:4700:3035::ac43:b142
2606:4700::6810:76c3
2606:4700::6811:4f22
2606:4700::6812:c05
2606:4700::6812:e134
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9a
2a02:2638:1::13
2a02:fa8:8806:12::1370
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:200::300
2a05:d018:24:b002:6973:f435:affb:5901
2a05:d018:d29:3602:74fc:7750:9e36:ae36
3.120.57.46
3.123.178.108
3.123.179.172
3.126.56.137
3.225.222.206
3.234.103.215
34.102.163.6
34.102.253.54
34.117.4.53
34.120.133.55
34.120.253.250
34.149.20.76
34.199.172.6
34.200.142.247
34.205.3.24
34.210.253.33
34.254.143.3
34.254.166.91
34.98.64.218
34.98.67.61
34.98.72.95
35.164.220.10
35.190.74.49
35.201.81.244
35.201.96.126
35.207.10.239
35.227.248.159
35.227.252.103
35.244.159.8
35.244.174.68
37.157.3.28
37.157.6.235
37.157.6.246
37.252.173.38
38.27.122.101
38.91.45.7
46.105.202.126
46.249.52.248
5.178.65.253
51.158.28.83
51.178.20.139
51.89.9.253
52.0.35.69
52.2.181.133
52.200.32.220
52.210.109.111
52.210.237.91
52.213.153.198
52.22.106.223
52.222.214.123
52.223.40.198
52.24.171.117
52.29.163.83
52.30.14.23
52.49.138.193
52.57.150.20
52.70.120.137
52.72.173.84
52.94.223.167
54.149.4.149
54.224.99.233
54.235.119.75
54.36.109.183
54.70.210.121
54.77.47.243
54.80.147.122
63.251.232.165
66.155.71.149
66.155.71.150
67.202.105.21
67.202.105.32
69.173.144.165
70.42.32.63
74.214.196.131
75.2.13.80
76.223.111.18
77.243.60.138
8.2.111.137
8.39.36.141
8.39.36.142
8.43.72.97
85.114.159.118
89.163.159.102
94.23.73.243
0013c88ee4495a861519f66361d12a922b234de71d5fdd9dce84a74ffae48963
00a96008a7dc2241ecdd204793579f09c36810f3f42f86e21cac8636c9690ffc
015fe53a47903430d7d5cdeea266d92571be3e535ed9321bf1db9ea2c6363746
017100a1d28f9dd94f54e7d812803134c0a36f6b05c8ff71e02cfd2d1ce1d5a3
01ce1bee94b62cf2f5a2126185610761dca98aa36e65758727f02a7186375271
01faf18c8eec9dde1557cc1ebb093733c53a1b432623c5e56ea3e499eea7c914
0213bc44ead6718b244d5a465c655a164c2eafad5fcca094b54a6270574772c1
048a133d4651b77595e7fcbb30d01cafe69c887c9af5beda4d71cae4c300b754
04b23695c5196ff9c1a5049ce1bddc19645a6403e1f94a68427ea893e460cf90
04c399a7f971435e3304ba9e8bd774b599ad88158a4d07b1a1d75bac7c462d8c
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05ac06ee325f239671ee8a7c7915694f79fa1b4549e91a36d2247bbe91b2cd67
05d37070f844b99cb56ee5da29859d89fde717ee632cb7aebd944726b009a2a0
0651dec239d8752440324a6dda9339c03fa68eda296ab9acf2d065eec3f4c3df
06549935068edb46e3bf860e4435bb850f777fcaf5d24b0b7383130baf3622e0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
088e29b57af9f0dba09c8f44bc0259822e55ada489ef8352908ea809fb6b2a96
09557c464b55544459b20653f1e31abd29c693c4e6da393745567a599cf16158
09d7f52f9853a4bceabae389f3a70b61a292b7d5c8280b7276ed73a917503ea1
0a371129a6e67d3eb2f475322a81243cf98611e5efcafdff660485b22bdfc1c6
0a8a07129f0d6c3c3ec92530b2fb31362c48bc4b6058f8d784c5df763232a0fd
0aa900c43537f2033211adb263b21e424397bc66aba2383df7ad62e7d4e9a075
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c1b12828169e3a9277dd6ed4f807e8dd4db342cbce696b2093170dbe9af7a1a
0c6db587745b9b254a14a56e743b8eb428671717b6d2861a4dd4f2cea7bec0da
0c743a880dc0cfd9028f74d7b23db7131ff230f0927129418de147be4f556031
0c99284f4e6560be7065537fdc7215fd0bc4bcb1c2b5eb16feeaf40fa7913ce6
0cd993faa79e79ae073b231ca8a74d29c0dc6dda364047771c795ac2c50cd7e9
0e8670554443313b972c10ae1a34baeb408d060fc5e82c6a358f77d7e98dd15e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1102609ea6a0c6229b8bc92bbaa3b814c24f89191954f8141b902f42d2705272
1129654ac52be55932cbe8483d6c8b6cc7e5124f054aafd34b0f05d04fe806e6
116e644aa3c0cf28db9a7e287acbe60a7b1e42532aa4433fd99e0593537f8e5e
12560714dff96817e6da55eefc53a537ac7f9361fb8e3fd4fa24143777d281fb
12af13a8d0ba0da59544535c897879a458ab82ee413cfcf7bf9d62bfe988859e
147fdc981f995669d8cc3fb86665e6577c4010a20d6d89dcb3358816f5d943a7
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
15517b02abee442cf6136797578aff166411f068fd866a37940d772e8d2db9f2
158c52a04fdfa34bcb90a320eb3a4a7ce24df58a3deb8bbc6b83996733ab5087
15bd3b782c22b1f64a17915dfb1495cfb7eb35223b0496b1a0119d990722bb99
15f8609c966aff96efa6c3a73e544369d2f8a2cf4b9745f162d69e06d6b04fdc
166abb06d677dd6657ba4a3940993b906a3801f4afb5f99d551d051fd1417fce
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
16d6d7ba4006096fb536c7321f156e466e93bad8397ead0a325368974436037f
1716e458428b65fa6208522eba0fe7971a103ce88e9063126941dec741fd0163
17af0a6fc3294f7ecb3811215172ab6e4172f0d221c6c03005eddc5bf6e645c3
18191afabdd55f31f8da7876213eb471318fcbff80cd186aba13bbe8d7461585
1842981c34db6bebcb18075adba5136cf9c7f9985313cb2ab7990ff85f35da83
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cf4dfa4207df3b4a427036d0fcd3f428d9ef02d578d695871fc55f1d31b68b
198eeedfe64dd3f4d642f41078b1ea3e1072aed61407bb2db572238f8f685f42
1a4a46833ab1e9eebecf51246819e76342de29b3a0f96da7558d13d8539c0cd8
1a909107fab0dd34e9898b660689246a64f6b9b7f72627ee27f010992de6d85d
1b5aae7e7331fb19ed584bc23aa60c439e41708b2b2f04adb687aff0dc90ad49
1c5ea15becf5b0063dbf7115a802701a0b96f3d3907608b37732922d235b1420
1c62070a452c4d13bbdd242bb89363ad291428e0c3d6caede17cc28e71203682
1c8cd1053a9a2b6eac79d312fb5ff5c6c0f0891fb79aa909b16c7f919a9d2dd4
1d5a54e77957198a8d13763c94597359487cecbac0ab2bed81bbe19a82c8cd22
1e053bd99cf697a58e1e0c5192a13c7035b61a1f81e0b4c28f12833fd034321b
1eab91be691fbe6e9b973e814c30249e2c1db45a4edb65884adb0924fe428cee
1eb1b6e1e688ba61d00ccf66b2a294712a2020fea57ce41189e6d380b8574de2
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f647589f081c26a24954bf8f32fb7ea1b828fe3a41cebc760154191a167efea
1f66c0fbb5aeb0dd2d14a7f6e7d13873dcae81af3cd74beb437f604dad1245f6
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
20b2bb36e937d744519d7c8d585515b03d3b130dd4c92e61d93e7cc0ea452748
20c2d1666247904f1e30dc9d1f03e66d8a2a90ec11594aed6f1572561e892e1c
2154e018e59aeb164b2295468e97a6699e83bf981ba46114801980a471b99ef7
21f6baf6f437f5ae0d94897041095becbd1c836b75f5111bd2c2c620f8a4d6b7
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
229624ad9cd76da7a456326bfb601344e506ef08416fca467bbf5f2ac3f06948
22a56f65d6148542e21c487ea42b104b05167ffd2c24a89b400fe3565c5e16ce
2411c793f521e4b4549af40a97c9ad3bbe3cca8c2013b7f8ffdd5342b89c070c
2423d7f14862fe955684a6b0c9e549f412936be33e5b53ab92cc919ef8e03888
248735377e21aa8464d5b1cd5e3954dd821caf39868f43ef42ccfcff5fe7c096
249430d69e27553764da0bc80dc0705aa5f80776c6785271020825a96dd1fd30
26c646d0039ed7c861015503f11779e53e41edc1e9c620729f3cfa5784abef95
2a5b1dce23395f1bb97fd821142b7602a6ffca17477fab09a1817f22268bb9c3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bdb25de1aa97fe8cdfc5476db721396756d3300346e6a2863a6230899be149e
2bffd27deccc4940c0be1a637adfdc98a16fb615ac0b0a8a6909624224ed65e7
2c3c2d7dd5ca1f4534c63319a72806487aeb5b74f094056798aad56dedd94d3d
2caed79550c84018f7884125fd3e77e1ee5d2391383365be65f3bd7e2b0f4763
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0b76760753ecabd92d6562f5900f745acbefc7226fd4af4127f9aaeea9dba2
2e2f8485434c1dc7ba8426b78bcdcce5d13462028693bc1b749957ef88909763
2ea21fcaf145d663c5436dab743625556a2621d339a8e953eb5ea8c8ff7fc914
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
322d976642feb8a836b55bf9204647bc8c505842da8a465b1107d819b8ed9516
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
349f8aadb10eede699236f9a996020d6d634dffdba301e73d971f3aa05281b3d
34c32eeae87ec0ddd2efd4762a8fc9c0aeca9cade89f466923ad23ff8bb849a0
354dda008302b8ece37f73ccb0562cf6ec7ca2537a39c964e6b480bfd35dbb09
35846f57081b1dbfb834d54744933ab04f2679cd1961422cfd9188d499c0d8bd
35bcb837f43ab5006496b8bb433ea8ee78f08ff7da0ccb92b146c6b8d2485e2b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
370e5d6e2600d0d0a3d2f2b54557e1ab8c11578ba82f612b78de467fe270610f
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
386f30efa7e5c8d3016432f273329e7a95ec708a3603245cb5b0404c876bbb4e
388d2f5e626dec1988b5e8492f6856d16228570edd27f36ecf39e70da96da95a
39ae94009ec5715f2eb0d4f092bd2d6280554ae486d05fde9c878ba9cdf1d634
39c8be8e8b2b7895d4da7ed4e0fa4d89cd8e200dbb5ee886bbb7d34fb90f4f46
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
3ad88cfeb51231ef2c348b1fdf4af5dc9b828dc2e87546b1b01951063649f278
3b3093330ac587c596accfcb2ce0a5c0eb0ec48be4ef9cd3820ec442db90a57a
3b45f771edb3f44cff3ccce014039a37f6f2f402ba16c96ceb73ef0b4ea476a9
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c111bf8421ba681e6a4ea5e498d459d1f37e89544af26734f1cca85cc30ff06
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3d8693cddca8ef95b6b06ab98ad4ae68d7c7a30aa8d781e418c28b84bfcca7cd
3da7daeb348e147594792a28e2766e204d3123c4dc79432c78fe654dcb26ced8
3e9e01354478cafbb69fea2c888c0d78a467f5fa137b6c51bde283bfd2a234cc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb71df93b7cebcdf5b0cfb6e19a5bf76aa0498303b6924a326182f0f5112948
3ee631c3f6b123d42207c89e8e6d8a31cfc857829f5c9104f923e759bed3afd3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
409bec5f9ae32c1c8e12043afad0f0c0ef9c9057dc4cd64e04c6e90e02ad083e
4182666b867c3a3a51a46d83c47655c8b6371ac57666a87d998e06bf4387771b
420643ecb93acc621299cc1676638c51bae2f11498301a1aa96ed4cd4ec80056
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
45487612f3817d95cfcd0d0555734168dedf00e8e1832cfb39ea327ec23cf3c2
454f1b58ed74d45febd1bc926050f98145593ca8c15917f84ba3e8adb3977ccb
4663fbcb6ece2376df5b0057eb81ef062d13997e5c556146e3eb2b0d918044f4
468bd6764eff264452e2cd22f06d3ccb569941caceff828cd1bc0374a4774eff
46b048b983905049aa879341b18e8b731fd1094860c2fd0b7d46a0798da39417
4788aa41e5c2baf4838e97c2be52a34ff91e535da3d352847ae0d3c1ec9cdcb3
47f939d447b1f96bd45972df4f933992f168f2a4d34d981a225023cc0559f37b
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4998c74ff02ea8b3a61f9859f1224bfd9dccb639a9726e933428a5fbf90cd405
49f9c7248bcacd2ce1f629f69e7a7c83e0549677f179aee7fe0fbc375438252a
4a059ea4926328e48d91cae16a2f7d34c3a8cd7248c4eaa44cb6f52ff00d1763
4b8b57482dc1388a35edd1d44221fed0bf18ec4248a9b101ec2e8df01192b708
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4db03aa022984d6d1aaf8d974052e001563b598b2d5431c88f463b3ac0cc5b9e
4dc1d1b418bfb18f455005f0eb43c89dae82cf1280af88b91d8933f26b9d6361
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb
4e82f7358ecdf8b9b7bd1ba09b899071aa026dd07192dee4bb1c3ad9c29b1cfd
4e937e6636b7dda33402ca7899484227e744ab126566bae037c6195f5aab0478
4f3b9c5ea9ef7455c059addb4e3611cd087b70091fb2bcdb46f8c295334de9a7
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fb768542d08fc59e0564e5caf6ba0ea254588001bc4b78e52147ddac7e60972
4ff74492a820e9959aaa54aa9fb84c2bf338038c76f41db4d7c81b3fe5ba942e
5053fd24623763276d63f41fc2f6c4e65a3a4fd3d55ed383e95d8a15a8e62996
5074fade910f40c6d3d087a1ec63ff87eabf176ef237e406657ba7a3600412fc
514cc5597f0501916af66e54fc446da3d134a936f55295b408b73234799bc1fd
515256187aef2bd5da6fda3ee25e54a53fe2520bd375a692eb62c9226d793bf6
5158a4f31c9c535fc4f6ff4b35387850fa211dd6e7fb84ca52cec739a82c1bff
5195742b5ef26f87ce37381c7aaf211c2679755961206aea2eae5097a108df17
51bb5424ac5dc34ffb15ebf3c46c064a2d72efb7791a15598367a14c95933fe9
51efa64739a62d888b20194381ef1a14eef553dd303829181021f9ef781c308d
51f2c4f64b90c4ab7373996bb4fbe847ac17813c6dca8eceb66ee2f82eb07a5b
52b651ec0b12dbeee0b4a867db39d362320383c372b7f02fc58eff1f54bca16f
53123902e82d3866b54be6c77545d856b9a2ba7ca1a07f31d6b4181dd2ccfd1e
5368514f7f9a9efc7b4cf729244550cd5f2a97486cbc716efbdca256ba170f77
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
573f0be502559eb5ef349ede1ac802407cd2228da8e136ab2cce5d86b9d20f6e
5912bf0e78a35dc4840b4ce5e5c739ff7f62c216ac6564f17969921e9edb0ebb
59563301bce57390efe2bba55a186c611fac7ff708e771ec0cd8b959970732b9
5ad74d61563c99368b518f7d5ac4d8165f6be7c2a6a5d3026bfd95cbb2add80c
5b03de173c6e0b673d00c0408ef34b0b01ebd58aba228c13cf111bae2149dbd2
5b424693fcd3201cd4c6b09ec49c7ef431ec826db6b8a3558c55c0e6800312b4
5bd5c81ed2892e35e7b6f4fb3809e3539610c1a23c21d93cadaf9385492d8089
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7fcc6fcc8f7cad5e4057c7add47caf4bf89bf5368158fe7a7285c0f63a1733
5de1d1b3bb2946f6e2a697ff3c94d88f9bc4622c34cb7945ff348314fe703c0f
6034ef66d58adbe1313bfe3cc17a0afd15316cedb10e75b6b4efe39df03519b4
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a
618442dd4bbea7d6a3dd92289773ab6b09f2fc42d3a740dcfe54ef3487bfd7ec
61a75b3f52d74dbd7be2122848d0b7c97c8a26656ba24db2bb3d6fa88a8e7342
62bd6969eaf7d4b12f45d086623a97ff1edacd912a77a514bc9a1b8a4640a46c
62ef3f35e05829f05a938328c077400b7937140e4936d00dae1a68efd878656f
637d414442545af9528d885e9a00356bbc0466ed608d80b9cb2a6220d5f648b0
6408adda93d4b9b6da67a997e9415fd6b15131db8a8fc290633a42235bcdc8bc
6509fc300d5da31fac0a3f658bad6a07ff2aa4095be874d8e096b783a40169bb
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
6601e3aee2be03fcc65c194fcc9e492a76b111bd9dddfa87dd9f039c7b9ae655
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67904ff0c4ac70c6c6d20f4b91a1047b396a0b5683c6f6550c6706a08a344178
67a2326a52adf037c12e7c296101fcd3361463ae815e6603e674bb055f097142
67ecae2176c57750a105c28037d326728f7a60ccbd7214d3fb6a12571c7e01ff
68cbc4442c158a51bf273df0a099fee7a6e98ea0d81cda9256d3052b26f103a4
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
6963af239ecfb1f9722ba86fe3456a19c1d64a995295b3f3b220f5c8c22ef13a
6ab8da720d07fe4cb6ff1307d2f8663d410bd72a13f1d70150e3b8b951c4654a
6ac92e70058c44e5a5dee833057b97874cfa406a163fbd0079e885730eef0179
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2612c718234da702ea006e4927c721f4eb073a6c82d1e59906d0f49d748f3e
6b746405edc5c79f4b40f8392d475bf2cf4023e2c6ca60cee9324941bec30019
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc7182c107a7e7fba05121efc87fc19f24191cd77e3adae71a22b1a40755d81
6db0db45a211f4a6d9bba32c50d6c208ec95a0601927791de0eb9dad4dc90683
6dd9dc02e883c609cfdcf09de45bcb001f9f47a57496ff8fe082d745906c41af
6e403e2d554aa481361609012af929dcbc5b8f4a531561905a743b548735ff1f
6edae227c579f6d6138d0d46cb5c00646985582aa9d34d59b5e0ff75a836d505
706d83ce071408e15bed000798a035a355cad0ca200f014a8c0e1c93ca4e7767
709a5591dae1de6c53336d06b7193199505efb7f8a07acc4b61f193427d7c84f
71a2d4d17fa341504b931b8e2ac60bff5d53f81871a965b1e10925a76bfbe48f
7200187b2f513d8e5958491d82f4c6b8adaa548c2e718af1277756cd6bf43438
72280a56f563c583ed3411579aa1cbf6f3f7b81a52d0d1ed1f68b609147414ad
724cbce1a1c2578fb46d5f9a1400d76654cc184064a793508134372bcdbb7ec3
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7289709ae46707bed0ee806280f219e63afaa5602ca8f1d5dd88a5b22b9c9010
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
732cde5447c457c1d068340db6b2c5ea8c8aa2e3580b52d5ddd2b6b70df80487
737a3cbde3a00573fbf4f8c5f64861a10cbbed6ddfb6317c8e9b2efc6c38bf7d
73f2ca310ea243effe01df47375783b630646fff06c885ef9e8a818d49b03454
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74451338e2c54133271452ebaf00ae652c31526b939675ff0af90678827a2e28
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7544b5fa99487bcaca11c7f6904a6c0d693df80a986e7fd4b99a35505d4a8ac0
76c3204c16180551c6575195c88969110daa632706c71fbfa154e5c2024b7022
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
77a2a2da3462a92e5d25f6d22a4b8a5abd9ecdb57f1769a644a2788f861d254f
7838acd6a8bd0836972523ffbe20c9745d03b07d89968d9cc9bc57f46e567895
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
790af3ee5382e0055bf2b561b46957daeeab4c9720a406f8011db7e8d08aefb4
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a542f4a9339c46375dc651de903e3ede596f04c48cb061c292bc2e75052d06d
7a591f4319432694f7856ed068d5cbc848aa46b72209c87afcab79d80f8c67cd
7abdd47254800f35ffef0fc434fa7fcf432e13651b27670b2e6f8e08143d4b00
7b32af52876ce17886b034fd38bb3ac3c5037523ab2e7198b4b43decf65be408
7ca703a20171d4d4440daefb529292d7720e3bb2b0aa1aa6d797228bcd3b762c
7e19eba3c8b38c55a49607c4e99341b0f5941dbdd03f702f927c73387aa92ed1
7e323abec7f395e7328c60a9e34e43ccdb4940262362d7cd0999f65a7f8daf16
7e5d71bf37926539e1b55691822f0e5e02304f73ba99d3cede0ffa2c1f3d5324
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ffa645ef842062bcbf4a9cbe8ad089b24fd8e4677be19f28ef363409460922f
80254c5d2966b83ca375d8ffcc626d1ba39dcc6e4e3653218a92a37c14b09d57
802f9d6af32ade3a6f07a782c8fe649c58385c3c85a61dc0507abfc5f211821f
80a54b365af151b67e637a67cd7b1cf388653aa8971669380da749442c69cfa9
80e1dff4e7d1df23d82a08e2e30e2d37d7695b6a96c6f4553f7dc367ec9205c4
817f24491ee782887a93ac57e51e2d055224b2b47259664675cf59c80491510b
81d9a567b6d4a27c0ede6829ff56307a3522d28394418e31bcaa53eae310c995
831eaf6f1c288f766382de0ff923046ec00f3e7346af39b1849c0630203215ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836ab705526221b8f0c5006c7e16a6cd4a26eb9e1c1533e73520e82fad6b2c43
837ff30ab885bbd308d80aa091da1b292265376efa0582db599cc3d0b4fcad31
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2
83c0617525366a4c29fe5a998aaf4bbf72d3aa1dc2f48f032b5ab719ef171e33
844c08aa7055085454093624a5030ff7432450add861ebaff60b4cef759d8f28
846339e8fd4f5615b523b1b65423fa2cee96e43d63398c9e2470b4160129723e
846cfb597e4a8cd07d60d48198b5d71b608575add0702073e61452d5d05464b6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86efdef3bf366b1dc2ece37d5e9495613882c35eddad9df966f77cf25c1ed914
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8745f08ab7e1f2986c6a6c6fe710f5f3289f05d8ea6f5a935630de85fae14db4
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
88749e1046b7c581e4cf3b693d5662da7ff482b195e561688c843c0890ee95bb
8910eda6921f46c9c05c0b9ec5a1700b07db92583767107dabef4e4b498b3df9
892481627b04c76730adbc4f35801fb327d86237ae6237c037dd4b6504ad1834
8941f55ce38f172b17086023856f60ef45f68b1abcec4db60b88a3ef16d695b1
89a3f1faa1fc642771515952c5434e58f0b983a4eb0297f3120a15c91901909a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a09ac31a67065c84917aa611d21c8258a2140b9f759d21ca0fae38af7b5c287
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8c5e20112f6cd0712afa8d8fcefa232ccf777918fc915e9a9e32b7993b29f430
8c9491df289fd37795d7cc1038afc56611023961184d8c095837adb593a5aa14
8cbe9bda008b0507a0076c7dd3b03c6074bd4d48817234e897cb9940581947a5
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8cd7f685a9830171c88699be19ea24172ecc7c4d78c816bf0b30af06c21c690d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e58a86fb73eafe94682b7f64bc34cb6df640779141f97804768b0dbc73dbc9b
8e60f604f0ca5f472149b3e3a02c184ae1082ad59b54ce7eb26c1b6ff51ccfc4
8eb55a5a836670be78c05907572caf0901b0f7f627f4af90e3949eec45a0cd76
903064921db670aa11375e08bf10fd18296b6bbe8e86496d89e3f1160b3d43ac
909a289a6071fbbd5c13c9cab985f7bb6b12cf0c9dbcf112b967682d0a5cce7c
90f38fa2c7302d04056afb97c9c2e779f08b8c01ec2b5407d250e393a8f069cb
917b81a2558d11812dd8efd03f131c925e7142ee6d262c701c66c3f97450a491
932c66bf18c66b833a7ce49f34acab64a28673352241ca7053618fa07f31663c
947094990b0286fc70c9929451b6e53672176eca58423f3cf5575a3e5ab903a9
94f2d998919340c0c7393bb4e8a41e58741417d9329255e39674a94a57d75729
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
95c053147d91937015a02b47a68b61283011b1fd2aaffec4b166b466c5a93cbc
95c423bf8171e23d66d1b74a7f5bd90ad1806e8a3bea717280f9d71577389230
9668c68366824daa2560f50f5d7adff24f57898da99e096f6c8d571ab9cefed0
96d6cf72c977b8465ce4a8dfc1db34cbac31e01f3f94cf2bde327c08e98a3648
97437ddda31de1d9582d9959a3eac685b57e88c061945e8b61624656cff97a25
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
97c4049e4693d80234ca02c53b4dd15ce3c5f9239ca2cee32909a6a02f2e9511
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
9863c7532e26b3e9a2e1ac1d7ee7d96bc03db512a2af9174aa5c1d07046376cd
986aad8897c676d490c46f0b03f18459b9e6fd31d3ede1f0886da9a66534cfa1
9896a3293f2ce6362746377e61d7e83fd04fc6602af098f64ec4d4dacb0657ad
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99a6e7e8525e31082d65aec2c452238eeaa7197141314bda490c70fe7c822a5c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab5e5775a3716a887510d73cd49eaf0e526494b4195c6dc4b6ecdedeb22de62
9bccc8819bd7821140ca478a8e4b97c8d3690a7aa9cdf3c42f7a750045589421
9c43cba006e461f4da246854d7d069671a30eb6be16ae52b62dcb09df886a2cb
9ccc9714fd4c1a6a0bb7c531cac3bc1264568b78f5205066889808c339771521
9cd3c75804e2ae8052ed78d37fddf681f2ad49472b276cca4cc6bad29b356425
9d6f2fc160a880bae98880a5534a797eca34e94a7af2d79229a3480be8cce870
9df853e81b2edecdbf0ddbf8e650226d1f698be56e243fa82ba3413f6ef0ca4d
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9f90b1d6f886480f7a961aa071ac28fc98a8a7347812f0acd5b2d3c7a51215b8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0cb3f2818e372b9be6fcb696542290272c717b16979e023cee991ac56889d62
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1dce8675b1d4112cccf82d715db0d58289d2709a19910bc91bbfb356867cb03
a1f83e9fba03728f15ed3378e7510ca4168cdd47a193061c957e70f248f3b27f
a21f6f5f7c47bf542d9f7b13bd15dfa0b4694d2db35c0eeb939935a3216c6fe7
a3930c59a0de8f6716415416a01a3ef8ea72e4df5f9145d39f19164db53658d2
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e5a5c39be306c635d491912a54940830f24a3bfe31d321c031004035884d26
a572e976a54f59c0426d02f1bf23fb4b0b711132e1b7d377b8087aefc0230569
a5b40ab15c9b4fd99052ca5af37ce22f2379f8d2722d8e64f41bb3dc5389c75d
a6a1f1f8b7123f3df0bd479f657c951c6dfd5e3c9c22b0bf897efea3e97b214e
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89adf784f7d54cd1d3f7e34a7b3d200eaf57abcb3cd8f0e418a0462c7ecf19a
aa61101654955533172174acee2c1630beb0201da906f750740320d985039ab3
aa79b84bd70e1ff4b0960cf83dc05b1b58e48c3671150186ad73c82b5df31dcd
ab0bd339a2bb4364ba2966bb9274e9845df3eee8b6ea37e4967e5cd010f7304f
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ab8a2802bf3879ac0b6dae1c03b2adc6706750c2ceb633fbc20462f015385ea4
ac0bd9ccf76dab801b622a469ce0fd0959a1b359f3eae79c0c8d816285014ea2
ac78a10789ce36d8ac70037de52ea213a4aca8de7595f039c1961525717df5d0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad1e6142ee4942d81f5db672be8ecbe0a3252751e92ee31d1167426fcb3b3f9b
aea40ee29d20a605d1700651de80f47ac7741dfc4b2074817f7a2c222b766e90
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af4656ff22c9e73a1c4cb5dfd6cbd7a725c1bebb06b8817bd09c7c2ecc91650d
afc9dbc00248a190b1598bc33732f6151e3cd2569aa15ecb5fafe2b4a34f2bda
b0a6edbce214b6e95daf7e93848732e2ce9e209f2d48dcce5a2962885c489384
b0b8992bcfb8da2a9e51764ee7c7d4705fa88a1df4f5d46f10cb3713dae0065a
b0c1f37aea0070615b1a788c82137a9a844508960217eee3990e77fe1498e6d5
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2f63edf41c2dd793b54f1a0c1c35bc5ea6da64b77c7fe9e322151489a5a7a98
b42a34c9060e736fc7c941400a69fbd4be5441f6cbed8018eccbb5ba0d0054ae
b459607bb7efdc1c777bd357a45f72b10e16b20f1e5632dd10eb9d5781adb9be
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b4d227fc02e20acc5fe46199f6f0f1333190dc5e24822679fb2d19bb6962b3de
b5bc6ae7f2e3a467118afe44d22cf308e4950382a2f8514fc4e4775e6137639b
b70a2e8691e6a71a2a41f52c0ce2140b420fe995fbfa64d1727e8d4255dc5ebf
b796165ed3148a5530acf9ab582506a9c43f81c62aba9ac6c57c3bd8c5662e97
b7bb77c311cf88e0d0dad0bec5d5bc03e41394f92724a91750d387ba558d9e19
b893356e07a4c625453e4896b24f86d2144c9a7228221fc138719049e039dd60
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd
b96e68dd88ef88d00c41a0e6322dcfdbacf5bd30508405278376ae97fcf889a6
ba1ab31c0baa328a01132704ed3c7f669e8e92485a64517ae1b0cc3ecb67029e
ba285a6c4b8006b2d95e1ebd8e05f1b53030179ef2ec02fdf349a4caff7d8938
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdb20f234b74de6b619f498caa506ecc2e9e1e39fed98d59c6d0a30ebaa7723c
bde381fcf6a08739f9741449955410c48d311960224876fb309ff3a756b61493
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf6961f0eaa23456720fd5ac71dd70aeb468a5fafa4b4a7372027c924dbf5f8d
c10980b914bf7d7f932f3c2b801203b7712b8aa4a7bfd161c77d58a13859c139
c1110b1518b3a57618a438245bc322c16fe1a1e9d2e3b97929ca20d76b7bdaab
c145340c60400acb9f4de271d0b14728863e8808ddfdd8d7f53c923b54d6aff9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c41b05bc76f39b7e6f53985419b24a7894ed8a4cf8cdff3092af03f71477dd04
c4e31fe511dbace58d8919d22f8abcfa241e19d85a32f473af8c2633795d0cff
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9cb94b7e1647f7f23e5928a1d54d9f17be0931ef8545ad38e7476a97940da87
c9eea1b694f6cefdb979aa9f57be5abe565d198ec9a60b7911d5726486409555
ca0d58f9456f1f20979712848b65b0311c245676094d710c2b274136b9ea5170
ca111e34edd206852e0d65ac8fafc269e4ae722cd3766943cedf57d5a385ad52
cbdcf54f5d42211db2ab2b2381c1d1334c2db619602f74f82848e21614a419e1
cc267b6ba6c4578259b191cf5f23abbba37c69721ebd60389bddd574bd0a2579
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
cd596b89160f57911ac5c63cf77f0a1c66bca24f96fd1760d640f296329014e1
cdc269f3acfe8628f8868a3c59f97084877f263578b117e90e93ffd62518764a
cdccc07af4d0fea744c71669667210b49c44079fbe8c14ff7270bede83c83bb6
cde656a12f1ed0da35a8dd07f29c366ac443fc6f12239869036f0f776440d08d
cec138acc9569695becc1075e8fc70edeafe1f2ea124ffdc2ba7e2648f33f292
cf176d3ca578ff933382af1d53e31f4ea489f6fb170b4f9428c191d84bfc55c9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d155e549e3c9e8a150bab1d9183352ca07d308d8db4e711a80e553df70450ad4
d2356e61091c8a28c9672a0f7bf0743bbff03d240950c72a714ff3e18b4a8742
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d373af1af4166280bf539db501154833cb695142d31b2d969f024e6749fea4fc
d4b3cc9023f3c8daabacc14c13478f50076e849e3657e31edb32b0fa70210f1f
d4bedc56dfbdc79492c1f85a37c069a4e817d6efb7591cd7b87616636c6cbfd9
d59d44534b47f73fe8b5b5c463f3ef53b22b3bd47816b8083e560cb1c8dab990
d64fcf3d7439beb92086ade76b81a353e72f4293fd0bdfcdc140fff05a7688f1
d6c1a2f9215ebefb6d1860b25295492273b42b2c9dde336ea04bf0687d020ad6
d74a21c1ddcf76e1a3f17146847284b109ce428d6fa7a84ada044dcd0d195dd1
d74ae3de04d8c55302d3ec3c4113bc5ffa32ea11040b56bc1e4ac3e6ee1cff56
d77ba1508c7261da2ddeaaa98c7596cdf467aed4e0b68914d597316eb939e963
d8690f36fe580430c8a28b6006fde816dee9aa330ac93ce8e23af15537763f10
d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
da30cd9898ddf2651fcd39478f65313a7d10e5fa824d81203ca5aec839b540c9
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da66c7f365019f52169e77ecea62d44c64ee9100d9c8e294a17e7f61f7467fa8
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbd5e5c6f492cb57725acb0285b903b83c24dfe4337eea573ff6e6168733156a
dd5b09d87bacd6639d48f38a2a374d8931143247796ff22a98305f51768e137c
de1d71710ebc6ffb20b84b7d507ecd8bb524210aa4d184cf139b16965cfd6911
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de740dfbf446e1e7877ff5efc5f341734505ba9ba51d742027003716056f8f73
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba
e10667a93b0cb2e23efa1f03b79c612419f7515fce81b9a968dfbae5d454481a
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e23f902d6e4516d77eb8bf9a88b89a790dc646af511cfd26f75768a77ef4c029
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bf4936fbf82a51c0dbd4b478287e19915d0c3dd2ef15d32042b360bd7365f6
e500e478c9c3073f1d08c18e6d2aa0737ea56fe5d149e0d643107aaf1c43c4da
e501ed997f22eb67b34ec2b72799937179fa2a211678c88539bdca0b66ee5a45
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21
e7fd91bdcbf604d107007b4a7cf73579068b35b701def3721908e285d73c2c36
e8ae68a17c57a751288a12f79c49da833531c5a8bf7764b0f8c30a2897e1af10
e95177b92790416765eb4bdd0bb90b724c90e7fd72aa4255be97a3a246383526
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
e97f0915bc0167c1d4ed42614c00dbe4dcbf184d25758d4bb884e7cbca4bf5df
eaea2958487176ec1524ecc1a04eda2977455e35c62836a29687a3c8cc842bb2
eb3c357495544d7c72902c3f08d90f086d358969fa2d8656eef048b325c619b6
ed15ed8e9eecce711a4a56a736c346cd82a73c520dbdf5f8060f46d735962353
ed6cc3e4d411248d84eed9acc1d13ad3fd98396734464cf07173588aeb9d02aa
eea4c76ed6cc7bb2bd1c4fd6146114b8f2a3901b078e51746eff6124b1aef2ca
eec3858c10015aa48ad6b41699da545031b26063661a970c168b46d8312c551b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb4ee9d952dfc92350440acada2536d7246f1ad576e20ac4f0fdffb3cce081c
effdb42581d0ff03e56f43d6a62d50267ba1087d9ba84e7d6214dfed9d0986ca
f06f508e5643d1fe08170ba3a541e92c6ded761d292df9b600109a163f51e49c
f0b4fe10b76015de9004e6dc22e8791f7d2dc251e00e02b00a365dfc4fa83945
f1284bd89f02e092c5dade10cdc853d3f572964f6bb2960cd6e3a6a6e04ea373
f1ba5ca9ae3eebdc575cda57fbce8793068707ae93cc750abab1216e8d36fa5d
f1ccdf09adebe92ab445c323413d4d59dcdfba58ac9c9e51fabe63e0b17ce11a
f1f421d21e296096c7938237a3164834899e3ea35867e6d2274fd249a9b3c5a7
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f3b402482a4e5307d324fd07d7b20e07cd893913ef816adbe9213079b617fc4b
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f52c267b1d211b721bac434b3922339d68451d4e48f0085a4cdda3d415066123
f595aad54b0770323cfc1a7b544d992ab6dea7a85ab698712243913f53bfbfbc
f6ceb15916d30de858e8421153406106d460b029f0a5fc14153539c410d4bf91
f6cfaf3fd482204c13251e3e85a47b078726e23d10e6ef7d7957a64ae69fcc0b
f85352e80d1f49f87680fdbe10256f58f6113e8cebf724653878e3168812c844
f8931fb54a893eb8399cb625262171e4dee6a7c74f8fb7e7db94fffb015872e7
fa1b996f995650f284fe656d02eed6c3c91fa5e63499b6fa1a0715f945e62d71
fa477d40d51f7c7e4c9c8c2b6ea56937d87cf16c3e3a9e7f58a8359d36f730c5
fa5d5795a68772af43db8edbe4a8bb19871ff4b0e5baa5dbfcf3300decbefb92
fae15250c020a98cd1e28cb1db970dd8116a80e43f395fff1f2f8530d808e869
fb6e95966333e927df9ab6e3286310ce0919429e299800fe10e21a564a1db022
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fbf1090e91d4df14521c1ff28fdcdc604d28abb8cb7b508bf8b9e318c82fb9b4
fd1b66bc123fb56b869fc687bdd1fd077b7a4b375dc326c2b00dd1d1b2d46b51
fd6de22bea23412c07dea5014cb261e95a237556c30b6f3ec0a032d787faf0c9
ff6148c387eccc3429992beeec33ddd0a4608155c89e97f55da8c55aa303dc5f