urlscan.io logo urlscan.io
SecurityTrails logo

www.investigativepost.org Open in urlscan Pro
72.52.164.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.investigativepost.com/
Effective URL: https://www.investigativepost.org/
Submission: On July 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 5 countries across 20 domains to perform 74 HTTP transactions. The main IP is 72.52.164.200, located in United States and belongs to LIQUIDWEB, US. The main domain is www.investigativepost.org.
TLS certificate: Issued by R11 on June 16th 2024. Valid for: 3 months.
This is the only time www.investigativepost.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
22 72.52.164.200 32244 (LIQUIDWEB)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 37.252.171.21 29990 (ASN-APPNEX)
2 18.172.112.8 16509 (AMAZON-02)
2 16.182.66.216 16509 (AMAZON-02)
5 104.17.111.223 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 23.67.131.235 16625 (AKAMAI-AS)
1 18.239.94.121 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
7 172.217.23.110 15169 (GOOGLE)
1 3.165.206.67 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.227 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 172.67.159.162 13335 (CLOUDFLAR...)
2 162.19.96.13 16276 (OVH)
1 104.16.160.145 13335 (CLOUDFLAR...)
74 23
1    3.33.251.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
www.investigativepost.com
22    72.52.164.200 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.hostdogdimeservers.com
www.investigativepost.org
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::ac43:209f (United States)

ASN13335 (CLOUDFLARENET, US)
widgets.givebutter.com
2    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    18.172.112.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-8.fra60.r.cloudfront.net
cdn-images.mailchimp.com
2    16.182.66.216 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
5    104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.67.131.235 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-131-235.deploy.static.akamaitechnologies.com
chimpstatic.com
1    18.239.94.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-121.ams1.r.cloudfront.net
static.hotjar.com
8    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
7    172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f14.1e100.net
www.youtube-nocookie.com
1    3.165.206.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-206-67.vie50.r.cloudfront.net
script.hotjar.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
www.google.de
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700:10::6814:25da (United States)

ASN13335 (CLOUDFLARENET, US)
givebutter.com
1    172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
2    162.19.96.13 (Paris, France)

ASN16276 (OVH, FR)
PTR: haproxy04.cl13.ovh.mrf.io
events.newsroom.bi
1    104.16.160.145 (None, )

ASN13335 (CLOUDFLARENET, US)
onesignal.com
Apex Domain
Subdomains		 Transfer
22 investigativepost.org
www.investigativepost.org
2 MB
15 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 4316
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5708
onesignal.com — Cisco Umbrella Rank: 1415
img.onesignal.com — Cisco Umbrella Rank: 8171
90 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
371 KB
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7639
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
74 KB
2 amazonaws.com
s3.amazonaws.com
140 KB
2 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 14304
2 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
2 KB
2 givebutter.com
widgets.givebutter.com — Cisco Umbrella Rank: 190725
givebutter.com — Cisco Umbrella Rank: 125596
330 KB
1 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 10021
43 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
252 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 9111
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 investigativepost.com
www.investigativepost.com
321 B
74 20
Domain Requested by
22 www.investigativepost.org www.investigativepost.org
15 www.youtube-nocookie.com www.investigativepost.org
4 www.googletagmanager.com www.investigativepost.org
www.googletagmanager.com
3 onesignal.com cdn.onesignal.com
2 events.newsroom.bi sdk.mrf.io
2 www.facebook.com www.investigativepost.org
2 connect.facebook.net www.investigativepost.org
connect.facebook.net
2 cdn.onesignal.com www.investigativepost.org
cdn.onesignal.com
2 s3.amazonaws.com www.investigativepost.org
2 cdn-images.mailchimp.com www.investigativepost.org
2 secure.adnxs.com 1 redirects www.investigativepost.org
1 img.onesignal.com www.investigativepost.org
1 sdk.mrf.io www.investigativepost.org
1 givebutter.com widgets.givebutter.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.google.de www.investigativepost.org
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.investigativepost.org
1 chimpstatic.com www.investigativepost.org
1 widgets.givebutter.com www.investigativepost.org
1 fonts.googleapis.com www.investigativepost.org
1 www.investigativepost.com 1 redirects
74 24

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.youtube.com
www.instagram.com
Subject Issuer Validity Valid
*.investigativepost.org
R11		 2024-06-16 -
2024-09-14		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
widgets.givebutter.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
cdn-images.mailchimp.com
Amazon RSA 2048 M02		 2024-06-24 -
2025-07-22		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-05-25 -
2025-05-02		 a year crt.sh
onesignal.com
GTS CA 1P5		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-01 -
2024-07-30		 3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-06-28 -
2025-06-28		 a year crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.de
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
givebutter.com
E6		 2024-07-06 -
2024-10-04		 3 months crt.sh
sdk.mrf.io
E1		 2024-05-25 -
2024-08-23		 3 months crt.sh
ssl03.cert.cl13.k8s.mrf.io
E6		 2024-06-18 -
2024-09-16		 3 months crt.sh

This page contains 21 frames:

Primary Page: https://www.investigativepost.org/
Frame ID: 7B52F7C62ADD8BED08B1DCBE940E78B4
Requests: 54 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 243045C4C3A4C4375F11E2C752D0717A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 15F92784549D41D06EEA6DB774A9C3B1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 131A4B0089907432BA522E5F69C095F9
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 23759CC6565D4E73246C788DEAC0A079
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 76243E205DDAE634FBAADEA57459340D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 52D07322F2422B32407FD2C31C2FD4A1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 235D79D0B7481CA8A7FBCBF3B348B917
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: BA4C9E719881FE3496E69A9FBBF95B57
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 6E4A70B35CE021BBAA2CD4E463ED6C19
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 295B3140844F7C05E009DEC89B45A17E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 4AC3BD9DE3C678CF7F05D6450D46B3D4
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: C3264C282FEA9F16FEA054B42392D81C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 1A5177979C910103E27B0A4696854D67
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 796341A57D57173C6F61959727C92A38
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 3EAAA8A11C1ACF8A3BD10994974DC0B6
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 38E7FC1483FB92D21C8538A9C71B7643
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: AD5F477123682749F87DE3107A628149
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: 59ED3D79A379B565D11EE0AEAF012CF3
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Frame ID: A2CB8E03EE7FE9EC06E2C4A5AE19F77C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/_LJi6xb7icE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&autoplay=0
Frame ID: E11DA45BEF57A498A8F40E1500C26A32
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Investigative Post - Jim Heaney Editor & Executive Director, Buffalo & WNY Investigative Reporting Center : Investigative Post

Page URL History Show full URLs

  1. https://www.investigativepost.com/ HTTP 301
    http://www.investigativepost.org/ HTTP 307
    https://www.investigativepost.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
  • cdn-images\.mailchimp\.com/[^>]*\.css
  • chimpstatic\.com/mcjs-connected
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

74
Requests

92 %
HTTPS

39 %
IPv6

20
Domains

24
Subdomains

23
IPs

5
Countries

3384 kB
Transfer

5864 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.investigativepost.com/ HTTP 301
    http://www.investigativepost.org/ HTTP 307
    https://www.investigativepost.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://secure.adnxs.com/seg?member_id=14146&add_code=&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fmember_id%3D14146%26add_code%3D%26t%3D1

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.investigativepost.org/
Redirect Chain
  • https://www.investigativepost.com/
  • http://www.investigativepost.org/
  • https://www.investigativepost.org/
78 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
e88e869dcf5ae9ccf0ac6e1f0ac40888b3490b2e7a3ccb058fb1d7952fa8ac60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
16475
content-type
text/html; charset=UTF-8
date
Mon, 22 Jul 2024 17:10:42 GMT
expires
Mon, 29 Oct 1923 20:30:00 GMT
last-modified
Mon, 22 Jul 2024 16:55:32 GMT
pragma
no-cache
referrer-policy
no-referrer
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
User-Agent,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.investigativepost.org/
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Serif+Pro:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8e5a7a6a539aef99394e63436fe6bc13418f92047f757b667f7f4ec7add844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Jul 2024 17:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 17:10:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jul 2024 17:10:42 GMT
4e65h.css
www.investigativepost.org/wp-content/cache/wpfc-minified/ee53vvfl/ 		764 B
435 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/ee53vvfl/4e65h.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
70aad76ee6355f9960fac56851e1986dca70a50c1468229ffc5ad4c232fabfd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jul 2024 17:10:42 GMT
x-permitted-cross-domain-policies
none
content-length
345
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:51 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
4e65g.css
www.investigativepost.org/wp-content/cache/wpfc-minified/12gs92ip/ 		107 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/12gs92ip/4e65g.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
8ea6992a69a092e9ef8e2acfef3cc3042c51234e560af5b5faf0f9282260e7ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jul 2024 17:10:42 GMT
x-permitted-cross-domain-policies
none
content-length
14457
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:50 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
4e65g.css
www.investigativepost.org/wp-content/cache/wpfc-minified/33crgzy1/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/33crgzy1/4e65g.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
534a913039d46018814e8de168eef7c676fa6f49981a6bdba43db65c4d54667a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jul 2024 17:10:42 GMT
x-permitted-cross-domain-policies
none
content-length
1037
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:50 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
4e65h.js
www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/ 		383 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
8c4ad2663bdc21c51dc27f198c5e15ec17cd9533a1ecee730647ceb73d4ff3bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Tue, 12 Mar 2024 17:01:51 GMT
x-permitted-cross-domain-policies
none
date
Mon, 22 Jul 2024 17:10:42 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
js
www.googletagmanager.com/gtag/ 		305 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-TQSC4FR
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ddacfe9bf1254c9dc396794d6d32fbcf030075572f2615c350c166662141b7c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103560
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jul 2024 17:10:44 GMT
latest.umd.cjs
widgets.givebutter.com/ 		329 KB
330 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.givebutter.com/latest.umd.cjs?acct=quEm2xccccrRp5Wd&p=wordpress
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:209f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9f58f97fe02dd7d38ea19f9165864ada6f4f929e6c39d13c9a8630d31f5125f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:44 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Jul 2024 17:06:08 GMT
server
cloudflare
etag
"04e852039a2e891532965301e665031d"
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8a750bbedef46964-FRA
content-length
337027
4e65g.css
www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/ 		299 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
410f93ed697c705b2e74d43f77d721906602629d310e29248bdd018f299ced97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jul 2024 17:10:42 GMT
x-permitted-cross-domain-policies
none
content-length
50540
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:50 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
investigative-post-logo-w-1.png
www.investigativepost.org/wp-content/uploads/2022/09/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/09/investigative-post-logo-w-1.png
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
22e23f380bbe5cc16ff8778e46406ad4380fde378fe70f20a8c0f43bfd2c64d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 Jul 2024 17:10:42 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:32:25 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/png
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
22057
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
Urban-Affairs.jpg
www.investigativepost.org/wp-content/uploads/2022/08/ 		255 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/08/Urban-Affairs.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
0222cfa0b9ade89be954ac5298b0ec90c7b02406952418b673061387ab1f3520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 Jul 2024 17:10:42 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:29:30 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
261570
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
Economy.jpg
www.investigativepost.org/wp-content/uploads/2022/07/ 		369 KB
369 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/07/Economy.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
c80c3bafc87630abfec18f3b4c29131e0b759b4aa772c0e0a902397a79970631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 Jul 2024 17:10:42 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:32:51 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
378079
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
Bills-Stadium.jpg
www.investigativepost.org/wp-content/uploads/2022/07/ 		392 KB
392 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/07/Bills-Stadium.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
787a4e34016fc54f36ddbca24149ed0cf0f7fc1393ca7cf23b555a818dd0a3a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 Jul 2024 17:10:44 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:32:59 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
401400
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
City-Hall.jpg
www.investigativepost.org/wp-content/uploads/2022/08/ 		354 KB
355 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/08/City-Hall.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
590f1b6e85d0d999a3134674324732b9998521cecca09146cad0ff09147f767e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 Jul 2024 17:10:44 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:29:28 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
362842
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
Environment.jpg
www.investigativepost.org/wp-content/uploads/2022/07/ 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/07/Environment.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
7f41df1f90b44d28185b69f70e170effff109bb3d8d4f616fc3d1965e81f8b0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 Jul 2024 17:10:44 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:32:40 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
152820
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
Politics.jpg
www.investigativepost.org/wp-content/uploads/2022/07/ 		209 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigativepost.org/wp-content/uploads/2022/07/Politics.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
6931faf23e96176b1e6ae246cfd1f3d0c621e95cb6a1ef44d36ef99a771b5bac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 Jul 2024 17:10:44 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 22:32:47 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
vary
User-Agent
content-type
image/jpeg
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
214229
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?member_id=14146&add_code=&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fmember_id%3D14146%26add_code%3D%26t%3D1
0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fmember_id%3D14146%26add_code%3D%26t%3D1
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jul 2024 17:10:44 GMT
an-x-request-uuid
52ba8b31-6760-47f4-9448-75e7eed65711
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.103; 80.255.7.103; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 Jul 2024 17:10:44 GMT
an-x-request-uuid
6253044b-4ecb-497c-b6a3-e01c9d5c3a45
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fmember_id%3D14146%26add_code%3D%26t%3D1
x-proxy-origin
80.255.7.103; 80.255.7.103; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
classic-061523.css
cdn-images.mailchimp.com/embedcode/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-061523.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-8.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5883e7efce2f2f635eabad6906850ac83ac2236f675bc969ff508c2ad2c6e041

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
TLAqQVoBq2Hb5kr9KSEXmPqr6DohswZo
content-encoding
gzip
via
1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront)
date
Mon, 22 Jul 2024 03:50:29 GMT
last-modified
Tue, 21 Nov 2023 20:06:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
48016
x-amz-server-side-encryption
AES256
etag
W/"0d26555d70e62981c5039c0b5d571de9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
XU30n8E9GpmscJx8OM5dVRLaOM0PTZevSdSLwEO_gwEG-UcnR0zlqA==
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
16.182.66.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 17:10:45 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
QCXMN5ARQ70JY3PG
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
+Pxvj7p99UhKVercO0SSy5JwU3H980y3/h0UPDKU2YzVuChbzLY3ovxMLSc+InVx3s/55vYyKwU=
4e65g.css
www.investigativepost.org/wp-content/cache/wpfc-minified/d32r3qh7/ 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/cache/wpfc-minified/d32r3qh7/4e65g.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
c28cd2f4b5010793b7e54f25f95261198bd995db864d202fd40c3dc6ae3302d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jul 2024 17:10:44 GMT
x-permitted-cross-domain-policies
none
content-length
3473
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:50 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
main.js
www.investigativepost.org/wp-content/plugins/advanced-responsive-video-embedder/build/ 		1 KB
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/plugins/advanced-responsive-video-embedder/build/main.js?ver=65e39613de04e27403b1
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
5e0029ae2ede39230437136bb172fb8946f5b8c931c049485472d3a6fe490bd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jul 2024 17:10:44 GMT
x-permitted-cross-domain-policies
none
content-length
529
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 12 Mar 2024 17:01:22 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
polls-js.js
www.investigativepost.org/wp-content/plugins/wp-polls/ 		3 KB
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/plugins/wp-polls/polls-js.js?ver=2.77.2
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jul 2024 17:10:44 GMT
x-permitted-cross-domain-policies
none
content-length
648
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 14 Dec 2023 21:44:06 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
555
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a750bbe0f48bf22-WAW
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 25 Jul 2024 17:10:44 GMT
jsPopup.min.js
www.investigativepost.org/wp-content/plugins/popup-box-pro/public/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/plugins/popup-box-pro/public/assets/js/jsPopup.min.js?ver=2.2
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
82a6ce5be6e364cf4a82ec7be0e67028a3bed0c01c08ee2d1ddf2e4788d30514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jul 2024 17:10:44 GMT
x-permitted-cross-domain-policies
none
content-length
2079
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 14 Dec 2023 21:44:05 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
gtm.js
www.googletagmanager.com/ 		191 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WKW3HQJ
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0cf407005ab6ded8f5b90a40ed8ab92a2e60b3d20a6056b4afa60599ea4cf7a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69749
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 16:10:11 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 Jul 2024 17:10:44 GMT
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 Jul 2024 17:10:44 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=12, mss=1297, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
9OOIbQRolQBLiKrwlHNGAm9o21bjGvDs6z83bjAmi5UNzDTU+psl1YzPbZ9SCc69J7q+F2+eS7H5npMJw+8vuA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
9140aac1148b142fefbe4933d.js
chimpstatic.com/mcjs-connected/js/users/2a06c22600092f2a2d0dc9a65/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/2a06c22600092f2a2d0dc9a65/9140aac1148b142fefbe4933d.js
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.131.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-131-235.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
402, 104
Date
Mon, 22 Jul 2024 17:10:44 GMT
Content-Encoding
gzip
x-amz-request-id
N9EQ1NFN7956189S
X-EdgeConnect-MidMile-RTT
1, 0
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
653
x-amz-id-2
4sMEeuo0g48xzrx6E598Q1Xu+gnQYGDy5ks3px/7nJmTyJ7ZjcINGPvm/lNIw5qIExbbP2vaoyY=
Last-Modified
Thu, 21 Dec 2023 21:29:57 GMT
Server
AmazonS3
ETag
"4b60d3ea13c42468679685c32a1680ac"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=209
Accept-Ranges
bytes
Expires
Mon, 22 Jul 2024 17:14:13 GMT
hotjar-3643723.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3643723.js?sv=5
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-121.ams1.r.cloudfront.net
Software
/
Resource Hash
3b834a8f76b13e94cb6f53f11358e84fa3d5ec857cc56658a0a407b107021b1f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:44 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3f2f1c546e63f10a66abd1c978af36f6.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
etag
W/9082531030f6e88a227b8c0ff81137d5
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
WolpwjAvOCqBQAKgpg-AVTiRljTr7YSi8xoc1pX0bk5OiwRQovoi4A==
fXZoDfS7M1c
www.youtube-nocookie.com/embed/ Frame 2430 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
lnrMw0s2ZdE
www.youtube-nocookie.com/embed/ Frame 15F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
-iGmU478R3g
www.youtube-nocookie.com/embed/ Frame 131A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
fXZoDfS7M1c
www.youtube-nocookie.com/embed/ Frame 2375 		0
0
gnuolanebk-regular.ttf
www.investigativepost.org/wp-content/themes/html5blank/fonts/ 		56 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/themes/html5blank/fonts/gnuolanebk-regular.ttf
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
e4427366f345127f5d52ccce36f0e8291bd2fc8127ca449c94a94569880489aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jul 2024 17:10:44 GMT
x-permitted-cross-domain-policies
none
content-length
26137
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 14 Dec 2023 21:44:06 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
x-font/ttf
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
Georgia.ttf
www.investigativepost.org/wp-content/themes/html5blank/fonts/ 		151 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/themes/html5blank/fonts/Georgia.ttf
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
a7cd40982d435cfaa9f6871d64b28b0c47961f4a053ba315434b93378cce6981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 14 Dec 2023 21:44:06 GMT
x-permitted-cross-domain-policies
none
date
Mon, 22 Jul 2024 17:10:44 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
x-font/ttf
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
fa-brands-400.woff2
www.investigativepost.org/wp-content/themes/html5blank/node_modules/fortawesome/fontawesome-free/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/themes/html5blank/node_modules/fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 Jul 2024 17:10:44 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
content-type
application/font-woff2
cache-control
max-age=10368000
accept-ranges
bytes
content-length
76736
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
fa-solid-900.woff2
www.investigativepost.org/wp-content/themes/html5blank/node_modules/fortawesome/fontawesome-free/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/themes/html5blank/node_modules/fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 Jul 2024 17:10:44 GMT
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
x-permitted-cross-domain-policies
none
server
Apache
x-frame-options
sameorigin
content-type
application/font-woff2
cache-control
max-age=10368000
accept-ranges
bytes
content-length
78268
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
lnrMw0s2ZdE
www.youtube-nocookie.com/embed/ Frame 7624 		0
0
-iGmU478R3g
www.youtube-nocookie.com/embed/ Frame 52D0 		0
0
iak2wDalRho
www.youtube-nocookie.com/embed/ Frame 235D 		0
0
IHq-PdFMPUE
www.youtube-nocookie.com/embed/ Frame BA4C 		0
0
fXZoDfS7M1c
www.youtube-nocookie.com/embed/ Frame 6E4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
lnrMw0s2ZdE
www.youtube-nocookie.com/embed/ Frame 295B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
-iGmU478R3g
www.youtube-nocookie.com/embed/ Frame 4AC3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iak2wDalRho
www.youtube-nocookie.com/embed/ Frame C326 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
IHq-PdFMPUE
www.youtube-nocookie.com/embed/ Frame 1A51 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
fXZoDfS7M1c
www.youtube-nocookie.com/embed/ Frame 7963 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
lnrMw0s2ZdE
www.youtube-nocookie.com/embed/ Frame 3EAA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
-iGmU478R3g
www.youtube-nocookie.com/embed/ Frame 38E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
-iGmU478R3g
www.youtube-nocookie.com/embed/ Frame AD5F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-x2TIQ7pxp6Xzw2XOJ76aaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iak2wDalRho
www.youtube-nocookie.com/embed/ Frame 59ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
IHq-PdFMPUE
www.youtube-nocookie.com/embed/ Frame A2CB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/err23nwe/4e65h.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-01v4csT09LXhs_7ECzH7ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
_LJi6xb7icE
www.youtube-nocookie.com/embed/ Frame E11D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/_LJi6xb7icE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&autoplay=0
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jul 2024 17:10:44 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AsnbWYr3bqK88n/C2BgXPMpBC+msV4jf6vsgnAir+gFnHw3zXZEKmz271E4vhxTja+7SD2q3dr2BxZlHzvj9HA0AAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		299 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9Z1F1NQ70H&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKW3HQJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
16e0312cceaa9d983d2df3c2c9a6dbd4aa6f4afae979123b5b5723326ffc2759
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102115
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jul 2024 17:10:44 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-TQSC4FR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKW3HQJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a909624a8a4dbe0620005caceab10ff69fc115089a55b498d3925c5730b5e3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103509
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Jul 2024 17:10:44 GMT
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3643723.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.206.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-206-67.vie50.r.cloudfront.net
Software
/
Resource Hash
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 01 Jul 2024 08:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3d6d8b79333ec716ccd2b6cf997a1600.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P3
age
1846778
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56291
last-modified
Mon, 01 Jul 2024 08:10:34 GMT
etag
"ca025d2d8ae4b3dc51e058b782590501"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ZfOo1QeM85pZiNKbpKn4ivjniimpuyk8eCQZTuPkExggFCWMJpxhyA==
318683177615939
connect.facebook.net/signals/config/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/318683177615939?v=2.9.162&r=stable&domain=www.investigativepost.org&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ea2e4907062ac6bc822669fed6938ea9fe77d6526b82e01c36995e493b94988a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 22 Jul 2024 17:10:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=48, rtx=0, c=64, mss=1297, tbw=64241, tp=-1, tpl=-1, uplat=72, ullat=0
pragma
public
x-fb-debug
yGrX8ZBTlyW7M3C4HmRPY+y9KBOxTIKYsCWkmXLhHXg2+EGJgDrgppO4HetpckJhaheGvHge3gf08KW2jblY2g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
1C366C_3_0.ttf
www.investigativepost.org/wp-content/themes/html5blank/fonts/ 		56 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigativepost.org/wp-content/themes/html5blank/fonts/1C366C_3_0.ttf
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/wp-content/cache/wpfc-minified/sug04v3/4e65g.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
72.52.164.200 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.hostdogdimeservers.com
Software
Apache /
Resource Hash
22f936869af8fadef2cc307c3f906ce0fe0b1d781a95d04f9fbfc14502c19b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jul 2024 17:10:45 GMT
x-permitted-cross-domain-policies
none
content-length
33055
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 14 Dec 2023 21:44:06 GMT
server
Apache
x-frame-options
sameorigin
vary
Accept-Encoding,User-Agent
content-type
x-font/ttf
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
expires
max-age=A10368000, public
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TV3TKKV95J&gtm=45Pe47h0v9129998068za200zb9104842212&_p=1721668242795&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dZTNiMT&cid=795614410.1721668245&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721668244&sct=1&seg=0&dl=https%3A%2F%2Fwww.investigativepost.org%2F&dt=Investigative%20Post%20-%20Jim%20Heaney%20Editor%20%26%20Executive%20Director%2C%20Buffalo%20%26%20WNY%20Investigative%20Reporting%20Center%20%3A%20Investigative%20Post&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4738&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TQSC4FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jul 2024 17:10:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.investigativepost.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TV3TKKV95J&cid=795614410.1721668245&gtm=45Pe47h0v9129998068za200zb9104842212&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-TQSC4FR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jul 2024 17:10:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.investigativepost.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TV3TKKV95J&cid=795614410.1721668245&gtm=45Pe47h0v9129998068za200zb9104842212&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=1134192416
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jul 2024 17:10:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=318683177615939&ev=PageView&dl=https%3A%2F%2Fwww.investigativepost.org%2F&rl=&if=false&ts=1721668245960&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721668245904.83860028499226151&cs_est=true&ler=empty&cdl=API_unavailable&it=1721668244590&coo=false&rqm=GET
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=85, rtx=0, c=10, mss=1297, tbw=2817, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 22 Jul 2024 17:10:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=318683177615939&ev=PageView&dl=https%3A%2F%2Fwww.investigativepost.org%2F&rl=&if=false&ts=1721668245960&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721668245904.83860028499226151&cs_est=true&ler=empty&cdl=API_unavailable&it=1721668244590&coo=false&rqm=FGET
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 22 Jul 2024 17:10:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394508813163525664", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=82, rtx=0, c=10, mss=1297, tbw=3130, tp=-1, tpl=-1, uplat=309, ullat=0
pragma
no-cache
x-fb-debug
jxeggrborOmF3vmUkbDWP2n9zQPLM3Hp+4M35oLd89iKnzxgCl89GH3IVSDQskcSgHFAjZ90WtPKZdOZx+cf1Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394508813163525664"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
classic-061523.css
cdn-images.mailchimp.com/embedcode/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-061523.css
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-8.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5883e7efce2f2f635eabad6906850ac83ac2236f675bc969ff508c2ad2c6e041

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
TLAqQVoBq2Hb5kr9KSEXmPqr6DohswZo
content-encoding
gzip
via
1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront)
date
Mon, 22 Jul 2024 03:50:29 GMT
last-modified
Tue, 21 Nov 2023 20:06:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
48016
x-amz-server-side-encryption
AES256
etag
W/"0d26555d70e62981c5039c0b5d571de9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
XU30n8E9GpmscJx8OM5dVRLaOM0PTZevSdSLwEO_gwEG-UcnR0zlqA==
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9Z1F1NQ70H&gtm=45je47h0v9105065447z89104842212za200zb9104842212&_p=1721668242795&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=795614410.1721668245&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721668247&sct=1&seg=0&dl=https%3A%2F%2Fwww.investigativepost.org%2F&dt=Investigative%20Post%20-%20Jim%20Heaney%20Editor%20%26%20Executive%20Director%2C%20Buffalo%20%26%20WNY%20Investigative%20Reporting%20Center%20%3A%20Investigative%20Post&en=page_view&_fv=1&_ss=1&tfd=6856&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9Z1F1NQ70H&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jul 2024 17:10:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.investigativepost.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
givebutter.com/elements/api/v2/quEm2xccccrRp5Wd/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://givebutter.com/elements/api/v2/quEm2xccccrRp5Wd/ping
Requested by
Host: widgets.givebutter.com
URL: https://widgets.givebutter.com/latest.umd.cjs?acct=quEm2xccccrRp5Wd&p=wordpress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:25da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
content-security-policy
base-uri 'self'
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
sameorigin
access-control-allow-origin
https://www.investigativepost.org
cache-control
max-age=24552, must-revalidate, public
access-control-allow-credentials
true
permissions-policy
accelerometer=(self), autoplay=*, camera=(self), cross-origin-isolated=(self), display-capture=(self), encrypted-media=(self), fullscreen=*, geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), payment=(self "https://js.stripe.com" "https://pay.google.com"), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), xr-spatial-tracking=(self)
x-server
prod-app-9
cf-ray
8a750bd24c5065bb-FRA
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
16.182.66.216 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 17:10:45 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
QCXMN5ARQ70JY3PG
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
+Pxvj7p99UhKVercO0SSy5JwU3H980y3/h0UPDKU2YzVuChbzLY3ovxMLSc+InVx3s/55vYyKwU=
marfeel-sdk.js
sdk.mrf.io/statics/ 		159 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=4946
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f9f7030ba2df33001e3efb72f9f7ea40dd0fcabd6a2a4f541d8a2df6a015fa

Request headers

Referer
Origin
https://www.investigativepost.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time
3ms
date
Mon, 22 Jul 2024 17:10:47 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Mon, 22 Jul 2024 07:48:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
19
accept-ranges
bytes
cf-ray
8a750bd3ce564d5a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43772
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:47 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1350
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a750bd2f811bf22-WAW
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 25 Jul 2024 17:10:47 GMT
web
onesignal.com/api/v1/sync/d407f0df-cb7c-4199-bb7c-6b040c2a15c9/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/d407f0df-cb7c-4199-bb7c-6b040c2a15c9/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be8c4fdc6b6f0e5d0bf3bf6f0ee6fe52641ee9bebbd6c709522a8ee7f25bbc2d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:47 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
08735526-8a92-4d1f-b439-ddc8b243393c
x-runtime
0.030136
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"be8c4fdc6b6f0e5d0bf3bf6f0ee6fe52"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
8a750bd50b32bf22-WAW
access-control-allow-headers
SDK-Version
expires
Mon, 22 Jul 2024 18:10:47 GMT
ingest.php
events.newsroom.bi/ 		50 B
861 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.13 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy04.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 22 Jul 2024 17:10:48 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.investigativepost.org
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:48 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1489
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
8a750bd68d53bf22-WAW
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 21 Aug 2024 17:10:48 GMT
icon
onesignal.com/api/v1/apps/d407f0df-cb7c-4199-bb7c-6b040c2a15c9/ 		254 B
799 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/d407f0df-cb7c-4199-bb7c-6b040c2a15c9/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022f14fe4050150847bd3a5fb1f9ff550dc7877bed7458a9131921a73dc08361
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 17:10:48 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f46ed713-5aef-492c-a31e-7a6b60a90cd1
x-runtime
0.013793
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"022f14fe4050150847bd3a5fb1f9ff55"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
8a750bd7989dc3fe-WAW
access-control-allow-headers
SDK-Version
rfv.php
events.newsroom.bi/data/ 		27 B
480 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/data/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=4946
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.13 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
haproxy04.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryHwZWfPP4oBYjWIHt

Response headers

date
Mon, 22 Jul 2024 17:10:48 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.investigativepost.org
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
42
BUSfwvANTiKa2FJmhhGq_ipostnews.jpg
img.onesignal.com/permanent/7d848b58-a3e2-4842-9bd3-0318adeda1e2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/7d848b58-a3e2-4842-9bd3-0318adeda1e2/BUSfwvANTiKa2FJmhhGq_ipostnews.jpg
Requested by
Host: www.investigativepost.org
URL: https://www.investigativepost.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
add88496fb58de70b96a53544cdc89cf55105bc19ab7f7a99c61926e35deb9f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Mon, 22 Jul 2024 17:10:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
MISS
x-guploader-uploadid
ACJd0Nr5kzzTXcVxBoLen1coRsfk3pUkJRPiKv5MWJy5bMFop2e4Ui4_4FpZg8cXnbHOsvOgXHFoD1LTlQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
6330
pragma
no-cache
last-modified
Thu, 28 Sep 2023 18:42:11 GMT
server
cloudflare
etag
"-CP+wgdT6zYEDEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1695926531938431
content-type
image/jpeg
x-goog-hash
crc32c=+7MBYg==, md5=rVImKsG05Wa/OEz1jFXDrg==
cache-control
public, max-age=2678400
x-goog-stored-content-length
6330
accept-ranges
bytes
cf-ray
8a750bd8681bbf22-WAW
expires
Thu, 22 Aug 2024 17:10:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/fXZoDfS7M1c?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/lnrMw0s2ZdE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/-iGmU478R3g?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/iak2wDalRho?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/embed/IHq-PdFMPUE?feature=oembed&iv_load_policy=3&modestbranding=1&rel=0&autohide=1&playsinline=0&title=0&byline=0&autoplay=0

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| dataLayer object| _gsScope number| uidEvent object| bootstrap function| jQuery function| ScrollMagic object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| gtag function| fbq function| _fbq function| powerpress_pinw function| hj object| _hjSettings string| ajaxurl string| views_url function| documentInitOneSignal function| OneSignal object| google_tag_manager object| google_tag_data object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| $mcSite function| onYouTubeIframeAPIReady object| gaGlobal object| mc function| $mcj object| fnames object| ftypes object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| gbWidgets object| litPropertyMetadata object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| iFrameResize function| iframeChildListener object| pollsL10n function| poll_vote function| poll_process function| poll_result function| poll_booth function| poll_process_success object| PopupBox_2 object| marfeel number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass object| googletag

15 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: XJYpbpMu3D32FkcwLpv8S3wgWm4FgWw9iA5Awvf1qJs-1721668244-1.0.1.1-Uz6cutFMBz_vPC6Qxv6OWrR8.I6AHBT_4dqWritCGRToAlOt0l7pf5qPBoPGTkdGnoSTUzWOC0zfRkqtCXrumQ
.adnxs.com/ Name: XANDR_PANID
Value: P1gSe9yts84BV2-4Wg0QEgZ8CoSqP1ZZS7e0yFczJpPYgwI0eFsZhFdrRtzXKiBls8ZLpMvnoYDBDWvnU2-5cJ5IXu6yxpuNNeGI4waihTo.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 2257283014622669239
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GVIj@hPf!]tbP6j2F-XstGt!@Dz]%#f2?
.givebutter.com/ Name: __cf_bm
Value: vVtmE3zn44kJxYmgzsXKcs52Gi_Jj8zgWPGk3tNONVU-1721668244-1.0.1.1-lrRSR3FQjt5kIShHnee_x7eFAeXjR2Y9Y1kjLXTWFcoHQVO18mdNmQndEW9BsYexICM5rlFnpD_osIJqopsiHg
.investigativepost.org/ Name: _ga_TV3TKKV95J
Value: GS1.1.1721668244.1.0.1721668244.60.0.0
.investigativepost.org/ Name: _ga
Value: GA1.1.795614410.1721668245
.investigativepost.org/ Name: _fbp
Value: fb.1.1721668245904.83860028499226151
.investigativepost.org/ Name: _ga_9Z1F1NQ70H
Value: GS1.1.1721668247.1.0.1721668247.0.0.0
.investigativepost.org/ Name: _hjSessionUser_3643723
Value: eyJpZCI6IjlmMTliYTY3LWM0ZWQtNTU1YS1hNzFhLWMwOTEzZWU3NWNiMCIsImNyZWF0ZWQiOjE3MjE2NjgyNDc0OTgsImV4aXN0aW5nIjpmYWxzZX0=
.investigativepost.org/ Name: _hjSession_3643723
Value: eyJpZCI6IjkyN2I4MjE1LTFjNDQtNDc0NC1iNDhlLWE0OWRmYWQwZDZlMSIsImMiOjE3MjE2NjgyNDc0OTksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.investigativepost.org/ Name: ___nrbic
Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1721668247%2C%22currentVisitStarted%22%3A1721668247%2C%22sessionId%22%3A%2218a22ae3-338a-44f1-be6e-f5b188f8ecd7%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.investigativepost.org/%22%2C%22referrer%22%3A%22%22%7D
.investigativepost.org/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1721668247%2C%22userId%22%3A%220776138e-9276-4049-b1d6-e24250ca89b5%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1721668247%2C%22timesVisited%22%3A1%7D
.investigativepost.org/ Name: compass_uid
Value: 0776138e-9276-4049-b1d6-e24250ca89b5

1 Console Messages

Source Level URL
Text
other warning URL: https://www.investigativepost.org/
Message:
The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-images.mailchimp.com
cdn.onesignal.com
chimpstatic.com
connect.facebook.net
events.newsroom.bi
fonts.googleapis.com
givebutter.com
img.onesignal.com
onesignal.com
region1.analytics.google.com
region1.google-analytics.com
s3.amazonaws.com
script.hotjar.com
sdk.mrf.io
secure.adnxs.com
static.hotjar.com
stats.g.doubleclick.net
widgets.givebutter.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.investigativepost.com
www.investigativepost.org
www.youtube-nocookie.com
www.youtube-nocookie.com
104.16.160.145
104.17.111.223
142.250.185.227
16.182.66.216
162.19.96.13
172.217.23.110
172.67.159.162
18.172.112.8
18.239.94.121
2001:4860:4802:34::36
23.67.131.235
2606:4700:10::6814:25da
2606:4700:10::ac43:209f
2a00:1450:4001:813::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.165.206.67
3.33.251.168
37.252.171.21
72.52.164.200
0222cfa0b9ade89be954ac5298b0ec90c7b02406952418b673061387ab1f3520
022f14fe4050150847bd3a5fb1f9ff550dc7877bed7458a9131921a73dc08361
03d87f337bb68d971d9fdb8ed746c0ab6f4008e6060e63ed67057f444a05a6a6
0cf407005ab6ded8f5b90a40ed8ab92a2e60b3d20a6056b4afa60599ea4cf7a4
16e0312cceaa9d983d2df3c2c9a6dbd4aa6f4afae979123b5b5723326ffc2759
22e23f380bbe5cc16ff8778e46406ad4380fde378fe70f20a8c0f43bfd2c64d3
22f936869af8fadef2cc307c3f906ce0fe0b1d781a95d04f9fbfc14502c19b6b
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
3b834a8f76b13e94cb6f53f11358e84fa3d5ec857cc56658a0a407b107021b1f
410f93ed697c705b2e74d43f77d721906602629d310e29248bdd018f299ced97
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
534a913039d46018814e8de168eef7c676fa6f49981a6bdba43db65c4d54667a
5883e7efce2f2f635eabad6906850ac83ac2236f675bc969ff508c2ad2c6e041
590f1b6e85d0d999a3134674324732b9998521cecca09146cad0ff09147f767e
5e0029ae2ede39230437136bb172fb8946f5b8c931c049485472d3a6fe490bd6
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
65f9f7030ba2df33001e3efb72f9f7ea40dd0fcabd6a2a4f541d8a2df6a015fa
6931faf23e96176b1e6ae246cfd1f3d0c621e95cb6a1ef44d36ef99a771b5bac
70aad76ee6355f9960fac56851e1986dca70a50c1468229ffc5ad4c232fabfd4
787a4e34016fc54f36ddbca24149ed0cf0f7fc1393ca7cf23b555a818dd0a3a4
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7f41df1f90b44d28185b69f70e170effff109bb3d8d4f616fc3d1965e81f8b0d
82a6ce5be6e364cf4a82ec7be0e67028a3bed0c01c08ee2d1ddf2e4788d30514
8c4ad2663bdc21c51dc27f198c5e15ec17cd9533a1ecee730647ceb73d4ff3bf
8ea6992a69a092e9ef8e2acfef3cc3042c51234e560af5b5faf0f9282260e7ef
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe
a7cd40982d435cfaa9f6871d64b28b0c47961f4a053ba315434b93378cce6981
a909624a8a4dbe0620005caceab10ff69fc115089a55b498d3925c5730b5e3c6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
add88496fb58de70b96a53544cdc89cf55105bc19ab7f7a99c61926e35deb9f2
ae8e5a7a6a539aef99394e63436fe6bc13418f92047f757b667f7f4ec7add844
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
be8c4fdc6b6f0e5d0bf3bf6f0ee6fe52641ee9bebbd6c709522a8ee7f25bbc2d
c28cd2f4b5010793b7e54f25f95261198bd995db864d202fd40c3dc6ae3302d6
c80c3bafc87630abfec18f3b4c29131e0b759b4aa772c0e0a902397a79970631
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
ddacfe9bf1254c9dc396794d6d32fbcf030075572f2615c350c166662141b7c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4427366f345127f5d52ccce36f0e8291bd2fc8127ca449c94a94569880489aa
e88e869dcf5ae9ccf0ac6e1f0ac40888b3490b2e7a3ccb058fb1d7952fa8ac60
e9f58f97fe02dd7d38ea19f9165864ada6f4f929e6c39d13c9a8630d31f5125f
ea2e4907062ac6bc822669fed6938ea9fe77d6526b82e01c36995e493b94988a
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629