urlscan.io logo urlscan.io
SecurityTrails logo

thetruedefender.com Open in urlscan Pro
2606:4700:20::681a:842  Public Scan

Go To Rescan Add Verdict Report
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-conta...
Submission: On October 31 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 13 countries across 85 domains to perform 482 HTTP transactions. The main IP is 2606:4700:20::681a:842, located in United States and belongs to CLOUDFLARENET, US. The main domain is thetruedefender.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 5th 2021. Valid for: a year.
This is the only time thetruedefender.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
33 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
5 192.0.77.2 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 192.0.77.37 2635 (AUTOMATTIC)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 18.66.139.91 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2600:9000:223... 16509 (AMAZON-02)
3 172.217.18.98 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
2 53 151.101.2.152 54113 (FASTLY)
10 95.216.186.40 24940 (HETZNER-AS)
4 199.232.196.134 54113 (FASTLY)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 178.250.2.131 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
15 51.38.120.206 16276 (OVH)
5 185.86.139.58 201081 (SMARTADSE...)
1 21 96.46.186.57 7979 (SERVERS-COM)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
5 60 2606:4700:10:... 13335 (CLOUDFLAR...)
5 147.75.61.140 54825 (PACKET)
15 36 185.33.220.242 29990 (ASN-APPNEX)
10 212.77.99.29 12827 (WIRTUALNA...)
5 185.184.8.65 204995 (RTB-HOUSE...)
3 104.154.142.214 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
27 149.154.164.25 62041 (TELEGRAM)
15 2600:9000:224... 16509 (AMAZON-02)
4 151.101.64.134 54113 (FASTLY)
2 2a04:4e42::729 54113 (FASTLY)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 213.174.135.36 39572 (ADVANCEDH...)
2 151.236.71.19 204720 (CDNETWORKS)
2 2600:9000:225... 16509 (AMAZON-02)
1 2a03:2880:f13... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
6 7 3.120.169.248 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 194.190.76.38 48061 (UMA-TECH-AS)
5 5 31.172.81.172 44066 (DE-FIRSTC...)
2 2 31.172.81.158 44066 (DE-FIRSTC...)
7 7 72.251.249.14 29791 (VOXEL-DOT...)
2 2 2.19.35.65 16625 (AKAMAI-AS)
4 23.79.143.124 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 104.16.201.58 13335 (CLOUDFLAR...)
2 5 2001:6d0:4001... 52016 (TNSMSK-)
8 130.211.115.4 15169 (GOOGLE)
1 199.232.198.49 54113 (FASTLY)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 37.157.6.251 198622 (ADFORM)
1 185.86.139.59 201081 (SMARTADSE...)
4 4 185.29.132.241 30419 (MEDIAMATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 69.173.144.138 26667 (RUBICONPR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 37.157.6.234 198622 (ADFORM)
2 2 89.108.120.68 197695 (AS-REG)
4 4 142.250.185.226 15169 (GOOGLE)
1 31.172.81.160 44066 (DE-FIRSTC...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
1 34.254.122.11 16509 (AMAZON-02)
1 2 2a02:6b8::90 208722 (YNDX)
1 82.145.213.8 39832 (NO-OPERA)
5 2.18.232.130 16625 (AKAMAI-AS)
1 24 2.18.234.21 16625 (AKAMAI-AS)
6 6 51.178.20.140 16276 (OVH)
2 185.86.138.144 201081 (SMARTADSE...)
1 51.68.57.71 16276 (OVH)
2 5 52.16.229.21 16509 (AMAZON-02)
1 185.255.84.153 200271 (IGUANE-)
5 212.77.98.32 12827 (WIRTUALNA...)
15 15 213.19.147.45 26120 (RHYTHMONE)
10 10 35.71.131.137 16509 (AMAZON-02)
10 178.162.133.149 60781 (LEASEWEB-...)
14 16 3.126.56.137 16509 (AMAZON-02)
5 146.20.128.142 27357 (RACKSPACE)
8 8 54.93.162.63 16509 (AMAZON-02)
5 10 54.36.109.22 16276 (OVH)
5 5 54.93.151.69 16509 (AMAZON-02)
5 2.18.233.180 16625 (AKAMAI-AS)
5 2a05:d018:d29... 16509 (AMAZON-02)
5 185.33.220.244 29990 (ASN-APPNEX)
3 3 2001:678:cb4:... 56396 (AMOBEE)
1 1 52.19.99.3 16509 (AMAZON-02)
1 2 52.46.133.124 16509 (AMAZON-02)
1 1 34.237.93.25 14618 (AMAZON-AES)
2 2 193.0.160.128 54312 (ROCKETFUEL)
2 192.132.33.46 18568 (BIDTELLECT)
2 2 3.125.99.7 16509 (AMAZON-02)
1 2 169.50.137.190 36351 (SOFTLAYER)
2 2 151.101.2.49 54113 (FASTLY)
1 37.157.4.25 198622 (ADFORM)
1 2 18.213.10.151 14618 (AMAZON-AES)
1 198.47.127.19 62713 (AS-PUBMATIC)
482 85
33    2606:4700:20::681a:842 (United States)

ASN13335 (CLOUDFLARENET, US)
thetruedefender.com
1    2600:9000:223c:7800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:225e:7400:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
5    192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i2.wp.com
i1.wp.com
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
2    2606:4700:10::6816:39ae (United States)

ASN13335 (CLOUDFLARENET, US)
users.api.jeeng.com
2    18.66.139.91 (United States)

ASN16509 (AMAZON-02, US)
clientcdn.pushengage.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2600:9000:223c:4e00:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.lockerdomecdn.com
3    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2600:9000:225e:b600:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
53    151.101.2.152 (United States)

ASN54113 (FASTLY, US)
www.scribd.com
de.scribd.com
s-f.scribdassets.com
wa.scribd.com
html.scribdassets.com
10    95.216.186.40 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.40.186.216.95.clients.your-server.de
xn--r1a.website
tlgr.org
4    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
thetruedefender-com.disqus.com
referrer.disqus.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
5    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adpone.com
15    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
5    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
21    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
lbs-us-east1.ads.betweendigital.com
11    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
60    2606:4700:10::ac43:2ac6 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
5    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
36    185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
10    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
5    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
3    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
27    149.154.164.25 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)
cdn4.telesco.pe
15    2600:9000:2240:2600:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
4    151.101.64.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
2    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    213.174.135.36 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
i.cdnkimg.com
2    151.236.71.19 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
2    2600:9000:2250:ce00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
1    2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    3.120.169.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    194.190.76.38 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp10.sender.ltmse.com
px.adhigh.net
5    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
7    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
2    104.16.201.58 (None, )

ASN13335 (CLOUDFLARENET, US)
pixel.yabidos.com
5    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
8    130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
1    199.232.198.49 (United States)

ASN54113 (FASTLY, US)
a.disquscdn.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
apps.sascdn.com
3    37.157.6.251 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
track.adform.net
1    185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)
itx4.smartadserver.com
4    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2606:4700::6810:4036 (United States)

ASN13335 (CLOUDFLARENET, US)
pre.glotgrx.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
3    37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    89.108.120.68 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru
x01.aidata.io
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
1    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    34.254.122.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
5    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
24    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
6    51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu
gu.dyntrk.com
2    185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    51.68.57.71 (France)

ASN16276 (OVH, FR)
PTR: ip71.ip-51-68-57.eu
cookie-matching.mediarithmics.com
5    52.16.229.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-229-21.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.255.84.153 (Paris, France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
5    212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl
std.wpcdn.pl
15    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
10    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
10    178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
16    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
5    146.20.128.142 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
8    54.93.162.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-162-63.eu-central-1.compute.amazonaws.com
pixel.advertising.com
10    54.36.109.22 (France)

ASN16276 (OVH, FR)
PTR: p09.id5-sync.com
id5-sync.com
5    54.93.151.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-151-69.eu-central-1.compute.amazonaws.com
match.sharethrough.com
5    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
5    2a05:d018:d29:3605:dc78:e42b:b41a:32a0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    52.19.99.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-99-3.eu-west-1.compute.amazonaws.com
d.adroll.com
2    52.46.133.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.237.93.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-93-25.compute-1.amazonaws.com
sync.extend.tv
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-99-7.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    18.213.10.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-10-151.compute-1.amazonaws.com
um2.eqads.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
Apex Domain
Subdomains		 Transfer
60 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
10 KB
46 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
113 KB
40 scribdassets.com
s-f.scribdassets.com
html.scribdassets.com
432 KB
33 thetruedefender.com
thetruedefender.com
415 KB
27 telesco.pe
cdn4.telesco.pe
1 MB
24 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
30 KB
23 betweendigital.com
ads.betweendigital.com
lbs-us-east1.ads.betweendigital.com
cache.betweendigital.com
45 KB
21 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
17 KB
16 disquscdn.com
c.disquscdn.com
a.disquscdn.com
547 KB
15 onetag-sys.com
onetag-sys.com
9 KB
14 wp.com
i2.wp.com
c0.wp.com
stats.wp.com
i1.wp.com
pixel.wp.com
305 KB
13 scribd.com
www.scribd.com
de.scribd.com
wa.scribd.com
47 KB
12 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
9 KB
11 connectad.io
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
4 KB
10 id5-sync.com
id5-sync.com
12 KB
10 sonobi.com
sync.go.sonobi.com
5 KB
10 adsrvr.org
match.adsrvr.org
4 KB
10 1rx.io
sync.1rx.io
6 KB
10 ad-score.com
js.ad-score.com
data.ad-score.com
116 KB
10 wp.pl
ssp.wp.pl
2 KB
10 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
199 KB
8 advertising.com
pixel.advertising.com
3 KB
8 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
22 KB
8 tlgr.org
tlgr.org
111 KB
8 smartadserver.com
prg.smartadserver.com
itx4.smartadserver.com
rtb-csync.smartadserver.com
15 KB
8 disqus.com
thetruedefender-com.disqus.com
disqus.com
referrer.disqus.com
links.services.disqus.com Failed
62 KB
7 adform.net
track.adform.net
s1.adform.net
c1.adform.net
115 KB
7 lijit.com
ap.lijit.com
4 KB
7 bidswitch.net
x.bidswitch.net
3 KB
6 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
27 KB
6 dyntrk.com
gu.dyntrk.com
3 KB
5 sharethrough.com
match.sharethrough.com
1 KB
5 lkqd.net
cs.lkqd.net
2 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
5 wpcdn.pl
std.wpcdn.pl
136 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 tns-counter.ru
www.tns-counter.ru
2 KB
5 bumlam.com
sync.bumlam.com
3 KB
5 creativecdn.com
prebid-eu.creativecdn.com
905 B
5 a-mo.net
prebid.a-mo.net
1 KB
4 mathtag.com
sync.mathtag.com
2 KB
3 turn.com
ad.turn.com
1 KB
3 lockerdome.com
lockerdome.com
5 KB
3 lockerdomecdn.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
22 KB
3 google-analytics.com
www.google-analytics.com
21 KB
3 optad360.io
cmp.optad360.io
get.optad360.io
231 KB
2 eqads.com
um2.eqads.com
563 B
2 everesttech.net
sync-tm.everesttech.net
647 B
2 simpli.fi
um.simpli.fi
845 B
2 w55c.net
pm.w55c.net
2 KB
2 bttrack.com
bttrack.com
760 B
2 rfihub.com
p.rfihub.com
2 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 yandex.ru
an.yandex.ru
673 B
2 aidata.io
x01.aidata.io
1 KB
2 viglink.com
cdn.viglink.com
531 B
2 criteo.net
static.criteo.net
54 KB
2 yabidos.com
pixel.yabidos.com
2 KB
2 sascdn.com
ced-ns.sascdn.com
apps.sascdn.com
11 KB
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 adhigh.net
px.adhigh.net
822 B
2 admedo.com
pool.admedo.com
715 B
2 gstatic.com
fonts.gstatic.com
32 KB
2 facebook.net
connect.facebook.net
79 KB
2 sentry-cdn.com
browser.sentry-cdn.com
20 KB
2 adpone.com
rtb.adpone.com
2 KB
2 4dex.io
script.4dex.io
23 KB
2 xn--r1a.website
xn--r1a.website
18 KB
2 pushengage.com
clientcdn.pushengage.com
24 KB
2 jeeng.com
users.api.jeeng.com
119 KB
1 extend.tv
sync.extend.tv
546 B
1 adroll.com
d.adroll.com
112 B
1 omnitagjs.com
visitor.omnitagjs.com
158 B
1 mediarithmics.com
cookie-matching.mediarithmics.com
85 B
1 opera.com
t.adx.opera.com
410 B
1 gumgum.com
rtb.gumgum.com
238 B
1 sniperlog.ru
sync3.sniperlog.ru
103 B
1 glotgrx.com
pre.glotgrx.com
304 B
1 facebook.com
www.facebook.com
1 cdnkimg.com
i.cdnkimg.com
43 KB
1 googleapis.com
fonts.googleapis.com
1 KB
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 gravatar.com
secure.gravatar.com
39 KB
1 googletagmanager.com
www.googletagmanager.com
35 KB
0 brand-display.com Failed
dmp.brand-display.com Failed
482 85
Domain Requested by
50 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
39 s-f.scribdassets.com de.scribd.com
s-f.scribdassets.com
36 ib.adnxs.com 15 redirects get.optad360.io
acdn.adnxs.com
ssum-sec.casalemedia.com
33 thetruedefender.com thetruedefender.com
27 cdn4.telesco.pe xn--r1a.website
thetruedefender.com
20 ads.betweendigital.com 1 redirects get.optad360.io
thetruedefender.com
srcdoc
16 ups.analytics.yahoo.com 14 redirects ssum-sec.casalemedia.com
15 dsum-sec.casalemedia.com ssum-sec.casalemedia.com
um2.eqads.com
15 c.disquscdn.com thetruedefender-com.disqus.com
disqus.com
c.disquscdn.com
15 onetag-sys.com get.optad360.io
cache.betweendigital.com
sync.quantumdex.io
10 id5-sync.com 5 redirects sync.quantumdex.io
10 sync.go.sonobi.com sync.quantumdex.io
10 match.adsrvr.org 10 redirects
10 sync.1rx.io 10 redirects
10 ssp.wp.pl get.optad360.io
9 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
8 pixel.advertising.com 8 redirects
8 data.ad-score.com js.ad-score.com
8 tlgr.org xn--r1a.website
7 ap.lijit.com 7 redirects
7 x.bidswitch.net 6 redirects ssum-sec.casalemedia.com
7 c0.wp.com thetruedefender.com
6 gu.dyntrk.com 6 redirects
6 wa.scribd.com s-f.scribdassets.com
browser.sentry-cdn.com
5 secure.adnxs.com ssum-sec.casalemedia.com
5 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
5 ads.pubmatic.com sync.quantumdex.io
5 match.sharethrough.com 5 redirects
5 ms.quantumdex.io 5 redirects
5 cs.lkqd.net sync.quantumdex.io
5 sync.targeting.unrulymedia.com 5 redirects
5 std.wpcdn.pl ssp.wp.pl
5 match.prod.bidr.io 2 redirects ssum-sec.casalemedia.com
5 cdn.connectad.io get.optad360.io
5 acdn.adnxs.com get.optad360.io
5 www.tns-counter.ru 2 redirects srcdoc
5 sync.bumlam.com 5 redirects
5 prebid-eu.creativecdn.com get.optad360.io
5 prebid.a-mo.net get.optad360.io
5 useast.quantumdex.io get.optad360.io
5 i.connectad.io get.optad360.io
5 prg.smartadserver.com get.optad360.io
5 bidder.criteo.com get.optad360.io
5 de.scribd.com thetruedefender.com
de.scribd.com
s-f.scribdassets.com
4 gum.criteo.com 2 redirects static.criteo.net
4 cm.g.doubleclick.net 4 redirects
4 sync.mathtag.com 4 redirects
4 eus.rubiconproject.com thetruedefender.com
eus.rubiconproject.com
cache.betweendigital.com
4 disqus.com thetruedefender-com.disqus.com
c.disquscdn.com
3 ad.turn.com 3 redirects
3 mug.criteo.com
3 s1.adform.net track.adform.net
s1.adform.net
3 track.adform.net ced-ns.sascdn.com
s1.adform.net
3 stats.g.doubleclick.net lockerdome.com
3 lockerdome.com cdn2.lockerdomecdn.com
3 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 i2.wp.com thetruedefender.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 sync-tm.everesttech.net 2 redirects
2 um.simpli.fi 1 redirects ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 bttrack.com ssum-sec.casalemedia.com
2 p.rfihub.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 rtb-csync.smartadserver.com
2 an.yandex.ru 1 redirects
2 x01.aidata.io 2 redirects
2 cdn.viglink.com thetruedefender.com
2 token.rubiconproject.com eus.rubiconproject.com
2 static.criteo.net get.optad360.io
static.criteo.net
2 referrer.disqus.com c.disquscdn.com
thetruedefender.com
2 pixel.yabidos.com 1 redirects srcdoc
2 secure-assets.rubiconproject.com 2 redirects
2 sync3.adsniper.ru 2 redirects
2 px.adhigh.net 2 redirects
2 pool.admedo.com 2 redirects
2 js.ad-score.com srcdoc
js.ad-score.com
2 cache.betweendigital.com srcdoc
ads.betweendigital.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net s-f.scribdassets.com
connect.facebook.net
2 browser.sentry-cdn.com s-f.scribdassets.com
2 rtb.adpone.com get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 thetruedefender-com.disqus.com thetruedefender.com
2 i1.wp.com thetruedefender.com
2 xn--r1a.website thetruedefender.com
tlgr.org
2 www.scribd.com 2 redirects
2 cdn1.lockerdomecdn.com thetruedefender.com
cdn1.lockerdomecdn.com
2 clientcdn.pushengage.com thetruedefender.com
clientcdn.pushengage.com
2 users.api.jeeng.com thetruedefender.com
users.api.jeeng.com
2 get.optad360.io thetruedefender.com
get.optad360.io
1 image6.pubmatic.com ads.pubmatic.com
1 c1.adform.net ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 d.adroll.com 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 visitor.omnitagjs.com
1 cookie-matching.mediarithmics.com
1 t.adx.opera.com
1 rtb.gumgum.com
1 sync3.sniperlog.ru
1 pre.glotgrx.com srcdoc
1 itx4.smartadserver.com ced-ns.sascdn.com
1 apps.sascdn.com ced-ns.sascdn.com
1 a.disquscdn.com thetruedefender.com
1 ced-ns.sascdn.com thetruedefender.com
1 www.facebook.com connect.facebook.net
1 lbs-us-east1.ads.betweendigital.com srcdoc
1 i.cdnkimg.com srcdoc
1 html.scribdassets.com de.scribd.com
1 fonts.googleapis.com xn--r1a.website
1 cdn.jsdelivr.net get.optad360.io
1 secure.gravatar.com thetruedefender.com
1 pixel.wp.com thetruedefender.com
1 cdn2.lockerdomecdn.com thetruedefender.com
1 stats.wp.com thetruedefender.com
1 www.googletagmanager.com thetruedefender.com
1 cmp.optad360.io thetruedefender.com
0 dmp.brand-display.com Failed ssum-sec.casalemedia.com
0 links.services.disqus.com Failed c.disquscdn.com
482 121
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-01-05 -
2022-01-04		 a year crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
jeeng.com
Cloudflare Inc ECC CA-3		 2021-09-13 -
2022-09-12		 a year crt.sh
*.pushengage.com
Amazon		 2021-01-27 -
2022-02-24		 a year crt.sh
*.lockerdomecdn.com
Amazon		 2021-02-24 -
2022-03-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
xn--r1a.website
R3		 2021-10-28 -
2022-01-26		 3 months crt.sh
*.scribd.com
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
onetag-sys.com
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-19 -
2021-12-20		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
*.a-mo.net
R3		 2021-10-21 -
2022-01-19		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-05 -
2022-03-14		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.scribdassets.com
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tlgr.org
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
*.telesco.pe
Go Daddy Secure Certificate Authority - G2		 2020-03-10 -
2022-04-13		 2 years crt.sh
a.disquscdn.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-10 -
2021-11-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
i.cdnkimg.com
R3		 2021-10-07 -
2022-01-05		 3 months crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-08 -
2022-02-05		 2 years crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2021-09-02 -
2022-10-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.disquscdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.glotgrx.com
Go Daddy Secure Certificate Authority - G2		 2020-12-14 -
2022-01-12		 a year crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-12 -
2022-06-30		 a year crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018		 2020-11-10 -
2021-12-12		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-14 -
2022-06-10		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.mediarithmics.com
Gandi Standard SSL CA 2		 2021-02-17 -
2022-03-01		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-14 -
2022-05-15		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh

This page contains 71 frames:

Primary Page: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Frame ID: C9647000A09913DEB4750AD2363DB4DB
Requests: 146 HTTP requests in this frame

Frame: https://xn--r1a.website/s/TheTrueDefender
Frame ID: EC3DCE7E7E43100DA6C309AD5854743D
Requests: 42 HTTP requests in this frame

Frame: https://de.scribd.com/embeds/535977673/content
Frame ID: E1E907E0B1A4791284519E0647AD304E
Requests: 52 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 107D13B1F154D1AEC48EEB7738396631
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 28638EC8436EF2E46B554853C94F5593
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Frame ID: 46D0927638FF0006099C50BB1417D05D
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
Frame ID: A3A97048D5A94F186BDB0C83CC9B2534
Requests: 16 HTTP requests in this frame

Frame: https://ads.betweendigital.com/load?randsalt=48160&context=AAAAACMJoThhdgACaQAtAs1Vza8kNxGf531arVZPC6wigRCHERJPiZSe6bb7Y4bo6e1uNrBos2GVLNoDoJXdbXe7u2332O5PCZQrl1wj8R8gbtz5DyKhcIAkyiUkB0QuKxEQhyjCM29mV5AEJE6UeqbsclW5_CtXGdyJ0ggmLCQeyiLkhQyF3jrwEw-F67WTZKsAIxD84bd_f_PkT39--2-_fHSZi2Y2A2-BwtrGfHe5tAW1uqUZZVRmVC9SJZZEU1xxmXuS9sYT1GAvVa20enS8VhpnyoM-9D1a09RyJT1NO057mnnO3egxp7wdqtZgmRlPMY_gulbWOHtpseASW6f8rz5Ea6xHqJfRlGrLGafZEqz-U5zgm-tgEazXiyBYLRIEPjq6pyZe13gZLfz5sw-5zFRv5q88mAf-wn9h7gRx-MJ8iMPn5jebpqYPKbnL7TJCyQLF82fv3nlw7-Xn5zWv6Pz7NK3Uc_MXC60EXa6dw0UYo9UiCuevYYY131uBqyFCYXJgJ3EQB2gNroV-FPowAO8cg08ugRn4KgDufwZOv-AgTnzdIfjIFFjTrdLVH9y8FcA9mzkC298z-wM9CnxwNfZRgMDx7ZfAt7-nsaxYq-0ci_k9zCU4vvMSuAIXvg-OMwqu7e0ACMDVH7r99YFdCXy0cp7DVx_cckrz5fwuzpyTnpL5fU0FbwW4Xvbc1Cqt-EUg4FsP7r-8fnTzdhRA5Ierz81PwiiJVyG4_OL9e-CZzGVaLrYXCVx-9Ue33EHATw45xZlZEGp76pDgObe43qUVZ6VR8tyeNZoSnrktT6TSAtdu9NYfAXjvw79c2kUyc5gegaMdOrv57ju5yBk4Xkc7-W51r__7k8Pe7aLj3N2z3Y6y1fVytU6WUkIKJSpImeCY6FaUIa6mqm6YZWFsoiwahjCGfdOxHsORsE7hVNih4TjPobEipEPfb1JRoq7o2tT5U6QNnQaDVrDWTrwjU6dgNeUQG6MiYrO2TohmTLMihfkI9ZCTEbWscimDcVmbliSTykNUGs1KInKYkRraaeorI0iT5yotJZ2YsLChVGBaV6YgDnBh-iGCKm3rCenSsr7mehipjRHemKJNoJ6GSDe0ixwoomOy6hCrMtEmRRUVEMabje2qjqqsZIVkqo-QIHSsOhEXKGdFbgaVRT1uY1y1eYJNMaQwo-FGTlWu-cRa2MNaoEpuygp3mbtNBspasl52-Ui7tNJNblmuRlToUca2qgXjZCN0CyckcpE6G5HWYwZNM8ISUjv1LSIyw6aMaNxPY-kgpZ1pynCjs0pw1BAbs2mTjg3tx2rTkIoxk_UtHZuNFZOQ3EViNCIMyTzXfTVOUR0WnSwjbFA0kKpVidkIrjIxwbAZQpt2aihJ2-B4UgmPWt2XukaodcgNU1lNVEVoTEnXFJB36VjJDPZhx_It_iSOepZLHOc2q43bkpR06hFr2RiOnZ4i1kfasHYkNtkkaRfyuBnwMLQVUqiHZiS8rPO4mzJa7e8P3LQpOg_OglNXWvjHPz0LYhQlvh-tYtf5gziO13ESIZRA_7Rzy2GSQBSvIDxNW33mSvDU1dQZXKAgSCIfnVrl6u7pPFklYZy4Qp59Cd3-9cc_-_pjcn7g33j_r-9-rXn4X-cH-xvf-cfj7ufgxpf5_9_o8flsX-cH7vrCE3Ki188PK0f7ngA-_dUHN9zgDdeUjsCTPuEUthr_B0_LZ9sT_Fsg2_A-O9p20s9BAC5a4BfQlR6bYGv5yaUDWkfXkO8PMPIv_-bK0eu_mPa2v_vK9rug6we_J-4ZSjzXTLeP2U6yfcoO8G5b7v4deYL97MaF1lNM_wk=
Frame ID: E61051119FAB82B4C6A33F4169910006
Requests: 1 HTTP requests in this frame

Frame: https://i.cdnkimg.com/auto/300/image/tesr/3048/48/616f3101f2264t1634676993r4399.jpg
Frame ID: 3CCFE1A5DFD3CFF66BF4B26ED095C90B
Requests: 26 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4d6f224f-4400-5330-9268-7736f316b85d&CACHEBUSTER=285296
Frame ID: 605FB6D8AB6AB70522A0ADA8295CD835
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: A4AFF3F1BBC04027ACB67517ED424650
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: E4DF5B6298A6AB9253EFF208E6A0CD45
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000787
Frame ID: 9E150B4161774A832930967A637A9B8C
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0DC805BC659FBE1C54B69EE7D9E92670
Requests: 1 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22460881734149018315%22%2c%22adomain%22%3a%22videoslots.com%22%2c%22page%22%3a%221366485%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%2244760290%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%222502%22%2c%22cid%22%3a%221675546%22%2c%22adid%22%3a%2244760290%22%2c%22hash%22%3a%22915631889033589873%22%7d
Frame ID: C1A79C9EDD8A47FE2FB843E962D5C618
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=44760290;rtbwp=05OadWY7OG16CTmI1CBxS4KAho2d0JhcnMXRfg;rtbdata=Kjn_Dmzoips0_mwX9F7jWf9rJSN-Pjk4sPiOcvtqZVDXj-fEYzgmm_3EdzY6iRaxKGIsPpfsgVtABzAewheSpaQxuFGxZylsvmTE0o7CowCFIQIbZK0Q-rZawB6gw7oVOY1r1Qs5JMADhZoZs_0HUQOCjXJ4pkxAJEv0DZKJVqrhf-E7Svz7ULNA_8xAwVYKHIjw9p8qfGowKvLjvM_hhvl0IVPlGatpg8id5EPEn4Toc0RYJZwOkfWeUiXw_IdwV4cNgfjq2cmrZnv5W_Evql6TJEUvcBlScM-vyPUvk-qvs-xl4YTkom-3qCV-0BPU3o9HQ5S6PkaTGJWq5R7Vfec1WZEscE_SejuXK1CiyBvZSFDRdLfbVG0n9ACSdag9J66wd7eqnNJXhND6bicRKxUCzFW9muloOycMMnD-fYXiEZLnu-L3zIUuRASEZw1nuBYaO0OyCybE4_sQZGQgqA2
Frame ID: F4C45A4B0111CF8BDDB8538D853C0F98
Requests: 7 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 16E5229D43FCAEF043091D21D85D4784
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 278605FE8AA0CE1707F9F4417CF1312A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com
Frame ID: B1B82ECFD3DBFB54E26F5328C4589E60
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 2747AE2450A22F59855B6FDC5E823A57
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 7A1E802DF4C9DB774BB5E81EC97D080A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1D8639D8768BC55D1BC0A58E53E67722
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: A5681664C86793294593878DA1BBA810
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: AD635529E97A98D0E853087370E48ED1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: B2096C6C86C26CE90E7401027BD6A4E1
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 8DF8DF33B98B21473E1F4EFF5F309FC2
Requests: 12 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 8EB91C1E24B5A9180DC1EF36573C0439
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 41FB6A93800633BB813BA8B4C7BC117F
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: D0DDAC2979BD0ABFD5C4749FB53B256A
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: FCFA226A4D7900E6F1EC32701264EE81
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 57132715695EE478060482E3D4E10D69
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: D959E2E5AF625EC716D8E7D524FEDC25
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3D5025702120B7152815AAE1E068DE9B
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 9B82095FBB6FEE18201DF62F07FB5A98
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635700586860
Frame ID: 83DCD865E1D6F3C562BB18BFC67E115D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635700586840
Frame ID: 5C8B942A61FE1DFA1BED9C6A4ED90B4D
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: D10E9DAA48831946B6F125138618692F
Requests: 12 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 3D2526EE4AF24FA9567819229EC20214
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 0948CAE3ECB5C7E24B2C82214D30D6D4
Requests: 12 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: E8F545B1A0124CC17EB587A2D0E8E886
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 3AC0BF5A27E55459AF1430E3A9BEC8C7
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635700586843
Frame ID: 8270210BC8606A1642A55D031DA66573
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: FB7E5010B2377FB627BEFF244DC7DCFA
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: CCFC4ECF9D99B4B552B71A2670C50E1E
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 68DCCBA483D6754A5E85FAFF30A83B55
Requests: 12 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: A61AB59409FBAC3F5BA807387926F632
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6E0AEE1C047D646DF695CE8739145B69
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9FFBAC06E0E302CA8D35C4F2ADDAB3F7
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: C9A629F8314D1A9F6F6766955325FFFE
Requests: 12 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: CDA547A3820DA9BEE4467980051F7A2C
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 2A9D5F8ADA7093A21FB279E03624FE52
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 3249182392FA088DB32AC9E17B267F4C
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 3D26058F770A4F82EEF1CDF4145178D5
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 6555A255DA4201186E016F696E203059
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 630F1C749FEBB8DE8CDBCAEB911235E1
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 5E0BA009468B10891BF4E117DD9D7447
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: AB873E3850E9E49B808795B09F768397
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 9F0E70D2868849262173561F67BFF157
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 03206B16826FCE2FF03C8F44BE1A6AE0
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: C7FD6776E732BC2D7561048D3E419A51
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: D62A0DB5CB07F9A204330874A52E6767
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: B9BF3EC20CC61F048B7A96BA2F3E2CB4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: A2EB4B8C69F0C6B42ED404A71B52913D
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 50D7B6A5868B1B23E75FC33E9D2A83DE
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 6E8335283F808F62B640702C27F5ADC8
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: C99C1CF774818FAF303DE45C309F2919
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: AEF226D319F0F2B0AB8E64F5753F7835
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 3FEB2523D2859A719CAA9AD94B83E377
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: D2AE733B0E66427BBCF013D2F389046F
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: B9730C12737ED49CE575794225F886E6
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 1F318C659B58A68C700CF72141A5E6DD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BREAKING NEWS: Mesa Country, Colorado 2020 Election Reviewed! They Found Thousands Of Ballots Contaminated! 2020 Election Must Be Decertified! - The True Defender !

Page Statistics

482
Requests

82 %
HTTPS

31 %
IPv6

85
Domains

121
Subdomains

85
IPs

13
Countries

4637 kB
Transfer

10680 kB
Size

93
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://www.scribd.com/javascripts/embed_code/inject.js HTTP 302
  • https://de.scribd.com/javascripts/embed_code/inject.js
Request Chain 57
  • https://www.scribd.com/embeds/535977673/content HTTP 302
  • https://de.scribd.com/embeds/535977673/content
Request Chain 241
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b2f4a99e-30f3-4bee-9f25-941ddf052f7f HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b2f4a99e-30f3-4bee-9f25-941ddf052f7f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0c50b2c8-bfb8-4394-b4a6-ef0c8cce0388&user_group=1&ssp=between&bsw_param=b2f4a99e-30f3-4bee-9f25-941ddf052f7f HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
Request Chain 242
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6CIhlQkKavG.AikABlF811o8Iw
Request Chain 243
  • https://sync.bumlam.com/?src=bw1&uid=4d6f224f-4400-5330-9268-7736f316b85d HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjrnvuLBlIFvp7KygpiJDRkNmYyMjRmLTQ0MDAtNTMzMC05MjY4LTc3MzZmMzE2Yjg1ZA** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjrnvuLBlIFvp7KygpiJDRkNmYyMjRmLTQ0MDAtNTMzMC05MjY4LTc3MzZmMzE2Yjg1ZKIBEEhRSB46bhHspukAJZDIJDc* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjrnvuLBmIkNGQ2ZjIyNGYtNDQwMC01MzMwLTkyNjgtNzczNmYzMTZiODVkogEQSFFIHjpuEeym6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARjrnvuLBmIkNGQ2ZjIyNGYtNDQwMC01MzMwLTkyNjgtNzczNmYzMTZiODVkogEQSFFIHjpuEeym6QAlkMgkNw** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=4851481e-3a6e-11ec-a6e9-002590c82437
Request Chain 244
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=f33dc8278e5dc37df697c81e
Request Chain 247
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 252
  • https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=thetruedefender.com&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon= HTTP 301
  • https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=thetruedefender.com&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Request Chain 253
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/71690777 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/71690777
Request Chain 254
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/61361106 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/61361106
Request Chain 282
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Db2f4a99e-30f3-4bee-9f25-941ddf052f7f&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=640c617e-cf6b-4100-af15-3fe960b07d48&expires=30&ssp=between&bsw_param=b2f4a99e-30f3-4bee-9f25-941ddf052f7f&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
Request Chain 293
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=4851481e-3a6e-11ec-a6e9-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=4851481e-3a6e-11ec-a6e9-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=mmr8rjtJ%2FLlFSt6UTtpQ4Q& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=mmr8rjtJ/LlFSt6UTtpQ4Q&extra2=aidata HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=mmr8rjtJ/LlFSt6UTtpQ4Q&extra2=aidata&google_tc= HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=mmr8rjtJ/LlFSt6UTtpQ4Q&extra2=aidata&google_gid=CAESEFYonpEcKWedapkIGE1CGoc&google_cver=1
Request Chain 298
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thetruedefender.com&sn=ChromeSyncframe&so=0&topUrl=thetruedefender.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=S4yh2XxiSXpYMTFEQzljL3czV3NEOVpFeW9sRlp5V1ZxTzlYQTJyMHUxNXdsSXM5RjBlSHl3dS9MeFNjQ1JwZ0lTR3N2UE9zbVFLYjUzQURvNUQrbStiRDBvdGsya0F1KzMxTmdld2ptWERsQzJFaFR1dWhQZGx3WThiRGdUNnhsc1dvYk9lczVHQUQ4TXp2NEhLelNhNDBYNys0K1p3azNVdE9WSTlYQzFLcnRTMWc0Q0U1dFN6Q0daY1E1QmhTUnEzRDNpNUFCb0RGZGMzeVVyejlVbXkzTkJwcEs2TDRMOGxIbFNraytPMUQ3NGQ5NEl4L2NvY2gza0VkUklTam1ZQzh0NVkyNTdTRUFPZTNHN0tNVXcxYld6UT09fA&cppv=2
Request Chain 302
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 306
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4d6f224f-4400-5330-9268-7736f316b85d&expires=60 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
Request Chain 310
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F4d6f224f-4400-5330-9268-7736f316b85d HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/4d6f224f-4400-5330-9268-7736f316b85d HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/4d6f224f-4400-5330-9268-7736f316b85d?redir-setuniq=1
Request Chain 312
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=8qPa_XxkbWd2MXFCc29BZHE3OTZCVU1OOTkyckRlWXhXaGpEdGJLNFY1cS9hRGFOdVp0bkJyUjBKVnhvYno1YllUUlRwOFJvOU1yUXBBMkc4MktVVXlXYjZKN01HZDV3ZXNvVTNKamphZ1NpV0swMGhWa202MTFDV0J5c3JMVWJTZlpxbnBDdlFadHdxcnhSRnNPU2lsS05xTFpDZUQ2MWc3c3podGNHd0c1WHZUUHJ1bVFLZUlRZk9yZXF2K25DVWVJd3IrVVJ6UjR4a1E3aGNDYWZaODB5eFEyU1FwTi9Vb2NBT3dUaC9pVkl2OHdveGdHL2VMZ3paaGhUMitJbXBUbzhsZjRQZ2FCNW94VDlZakx2VkE4T1M5Q2h1bFA0aVZEWFhNOXIvWTRVYTZqaz18&cppv=2
Request Chain 342
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Request Chain 344
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=03030001_617ecf6e35a5c&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_617ecf6e35a5c&gdpr=0&gdpr_consent=
Request Chain 346
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD8O07C_Z8AABb-5bJB7g&gdpr=0
Request Chain 351
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 352
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 354
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 357
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 358
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2291873998 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2291873998 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cf29c773-4f35-4361-babe-f078b1a40e96 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c421bd82-e47d-4518-a33e-828541fe0754-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c421bd82-e47d-4518-a33e-828541fe0754-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
Request Chain 360
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7876132081178951649
Request Chain 361
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Request Chain 362
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
Request Chain 364
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Request Chain 365
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 366
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=852bd4cc-04ef-4061-8d3f-81b917f89f17
Request Chain 367
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=57635a82-5293-496a-ab37-f64f7605e1ff
Request Chain 368
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Request Chain 371
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Request Chain 372
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 373
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dda0f77f-d162-49ab-b55e-dd782d2f6861
Request Chain 374
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
Request Chain 375
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=7fed4a6b-e3dd-4ab6-839c-ff18b426fc3a
Request Chain 376
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Request Chain 377
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7163654611 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7163654611 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cf29c773-4f35-4361-babe-f078b1a40e96 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c421bd82-e47d-4518-a33e-828541fe0754-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c421bd82-e47d-4518-a33e-828541fe0754-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
Request Chain 379
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Request Chain 380
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
Request Chain 381
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 383
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Request Chain 384
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 385
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=28489953-e1ac-4750-8311-3e27f24886aa
Request Chain 386
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
Request Chain 387
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3c1994bc-f9bb-4539-996c-06234b8575fd
Request Chain 388
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Request Chain 389
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2308815295 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2308815295 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cf29c773-4f35-4361-babe-f078b1a40e96 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c421bd82-e47d-4518-a33e-828541fe0754-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c421bd82-e47d-4518-a33e-828541fe0754-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
Request Chain 391
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Request Chain 392
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2282844342217095484
Request Chain 393
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7876132081178951649
Request Chain 395
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e37c2af4-a9ba-4a35-856d-3d29520dec47
Request Chain 396
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Request Chain 397
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4733305801 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4733305801 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cf29c773-4f35-4361-babe-f078b1a40e96 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c421bd82-e47d-4518-a33e-828541fe0754-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c421bd82-e47d-4518-a33e-828541fe0754-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
Request Chain 399
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Request Chain 400
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2282844342217095484
Request Chain 401
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Request Chain 402
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 403
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bc0e3a55-12a4-46f3-b0d0-474bf9a296ff
Request Chain 405
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
Request Chain 407
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Request Chain 408
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 409
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6b94e309-f034-4c3a-9033-357417c31149
Request Chain 410
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
Request Chain 411
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1e9fe48e-7b8b-4682-a458-e583aa10c26c
Request Chain 412
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Request Chain 413
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7524076729 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7524076729 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/cf29c773-4f35-4361-babe-f078b1a40e96 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c421bd82-e47d-4518-a33e-828541fe0754-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c421bd82-e47d-4518-a33e-828541fe0754-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
Request Chain 415
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Z2h7C4NE2uGZoACZaN91Jt_v5zK1xAFAXk4Ad8k-~A
Request Chain 438
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3675597560054672788
Request Chain 440
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 441
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 442
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB&dcc=t
Request Chain 443
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=819e74f5-af01-4d34-a503-5cd241bf61d9
Request Chain 449
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821574542215
Request Chain 455
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
Request Chain 456
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3459424777940888980
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXHVsCshTaa6eT42XJyrO4&google_cver=1
Request Chain 464
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
Request Chain 465
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3676441984984804756
Request Chain 466
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=eb5MUShp1MHerA5&gdpr=1
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXHVsCshTaa6eT42XJyrO4&google_cver=1
Request Chain 468
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 469
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YX7PbwABEEdbxQBR HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YX7PbwABEEdbxQBR&gdpr=1&_test=YX7PbwABEEdbxQBR
Request Chain 475
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
Request Chain 476
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821574542215
Request Chain 477
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 480
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1

482 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/ 		219 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15deefc3d77630e6de98c0d791608e8794e25ab2b524c9904ff0d4dd399f63e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-type
text/html; charset=UTF-8
cf-ray
6a6e87f278b94e8b-FRA
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://thetruedefender.com/wp-json/>; rel="https://api.w.org/", <https://thetruedefender.com/wp-json/wp/v2/posts/34320>; rel="alternate"; type="application/json", <https://thetruedefender.com/?p=34320>; rel=shortlink
vary
Accept-Encoding,User-Agent
cf-cache-status
BYPASS
cf-apo-via
origin,no-cache
cf-edge-cache
cache,platform=wordpress
cf-railgun
direct (starting new WAN connection)
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
x-pingback
https://thetruedefender.com/xmlrpc.php
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwvtpHJqqahlY42fTcJfBt0WRjFcYx1M4V%2BQ5qQEWfG8wraRNDfqtWjZWe3mE0vVqRE5rDTS1YOO2KJq8gbUQHPtiOR%2F4UYrFg0Tsynosi%2BbjflPWAeTvN8FKwxyCLj5ah5EuMEc3HvioRSDbKk6s9w%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
cmp.optad360.io/items/ 		2 B
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:7800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:01:45 GMT
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
last-modified
Thu, 28 Oct 2021 09:48:14 GMT
server
AmazonS3
age
882
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2
x-amz-cf-id
We0Ll8wRiCyIECFVa2j5P450M4ZArRzLGBGH2z-_heqqJ1CY8-WVNQ==
plugin.min.js
get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/ 		384 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b27e0fd58dabc8c58c7944cfda0a7fcdefcab27547fbe4d939b27d93af483ca2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:15:58 GMT
content-encoding
gzip
last-modified
Fri, 29 Oct 2021 09:22:37 GMT
server
AmazonS3
age
29
etag
W/"274e65d5213db929459b72fc2944ec63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
C21lLgs_3mlzR1OMMgPca6tCNoYmc54poXuyEfuhZ2wRkxLqdMek3g==
this.png
thetruedefender.com/wp-content/uploads/2021/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thetruedefender.com/wp-content/uploads/2021/01/this.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52142
cf-polished
origSize=21749
content-length
19502
last-modified
Tue, 05 Jan 2021 23:49:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gq%2FuPbCjl8CXAR4RCSuqm4lBj7siHujdFn7aG1JkAr3xy5w8JtrWlqO58SEzPf4oFc%2BZCyvmfRoFsGwGO3qwR3M2aGGqzsFl2tlQObFhTa0sk%2Fn%2FkF3yzCkltBiDaY8jtVBy%2Frdcf0sOWBgsmNqvGnY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a6e87f87daf4e8b-FRA
cf-bgj
imgq:100,h2pri
Capture-350.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/10/Capture-350.png?resize=377%2C219&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
b19b9e1c13db650045da6731522c1b57b4ea0aef5544c5d4e1bb4704ba120385
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 31 Oct 2021 17:16:26 GMT
x-content-type-options
nosniff
last-modified
Sat, 30 Oct 2021 16:41:08 GMT
server
nginx
etag
"a97b9817e13c9662"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/10/Capture-350.png>; rel="canonical"
content-length
36920
expires
Tue, 31 Oct 2023 04:41:08 GMT
tielabs-fonticon.woff
thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=un5r00wWsuuoOwcwCPNQRLtp0YnwhvAb2XuNQDMM8D80JrzWQxx9Dsi2mXy1XFWrYuK8pVkvB%2FNhPQA%2F4k2jQ4RVqAR4KEHeAsogQxyU7d2EjSxC5EL1TLYBRK5V5j4%2FXRljyRR%2Fr5d1CBISoNvgmvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7dc524e8b-FRA
fa-solid-900.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iFovpJMBYHz5BB3vYHA%2FgqECJkZdgAPY3zgT39wfiGKrmzQr7pArSh2d%2FKdt2cwGn3XLmE1DE6H1ftpZyXc8p9zaWHO3eBGHnnWQ4Q8UwncxsrlMu9BfcLXgEUhG4oRCDk%2B88nxSSkleJBJOqlpsg0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7dc544e8b-FRA
fa-brands-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oHuGViF3H953wURcFMyB4ylzgqzrOGXGC7K8YlT%2BSIBRWPeCDEe%2Bbzel5HqGpU%2BDAOWNO05vMXXsBX5aYmasxEd5xMjHDXh5b663TyTmxChpnjpZreoThfq9WgUnNIGJY8Lk1T8jTz%2FauFKuHayCv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7dc564e8b-FRA
fa-regular-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9f%2BOSLKJ9iWGsepL6OPpiCkpgSx%2BLPMRJi3%2B%2BUr%2BQfVBaCE2g2%2F6BMUiC%2BUy61UqIP3sL%2BAg3%2FxP0%2F0iYWmHcF8uSF0HVqpnjuTm83NAxOU0FXlt7RlyAC1Hy5%2FQOXZJeMCaPC5hmfDvnBwr8J0rYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7dc5b4e8b-FRA
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186892928-1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c75429499f420d0994f7d0ed1784189a42968efae2155f18c7ab74f5d92203c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35744
x-xss-protection
0
last-modified
Sun, 31 Oct 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 31 Oct 2021 17:16:26 GMT
frontend.min.css
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=6.6.2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 22:03:52 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CktWkQSSOzpjmsoOyJ%2Fd%2BrJgFteTFudRoX%2FSd4c%2FlLz1Njsp0KHs6quVIeelOZ7yMn2%2BPfCMwleNquWRZkpa2rpfsjCuInuetg1J5u968sRSfSBfQc7ATgg4nXoXMazjG7c53Fik0HT0xBmVd4XkjuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7dc584e8b-FRA
base.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMmU%2FslB1LGE%2B9SmsLjQztZxnyFeewKAFfo2%2BpNnWFVuW4kEPb%2FGWKlzAE1SoBdc%2FIV4GKJlElUosxLp06Q%2Bm%2BOtl1bPPyNaNe1NKh7IrTvF%2By8IqBbIAW8E%2FD4PPc9KKeYXYxsI1uFo9y4KLmtQyKs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7dc5a4e8b-FRA
style.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		171 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJ%2FYfMCboygI%2F%2B600Ro8P67g%2FLC4rGOMclQwEP1oq2ol7pQOkSOROauqrhECMfad%2FVl5fd6E9YAXYEgrCZOZ3s9V%2B0Hrp%2FEn3q%2Fx9UqNgOkvf11Jd7tvUTGvUPqQWEimFbXKdMYoeYaF2NC8gaKtAo4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7dc5d4e8b-FRA
widgets.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1361
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozm5fhAq1UsCac6lnAjlYJKX%2BdV2PseH5KSjKvakv7oZ3YAyu6VvV8s6AZTM2xoyHIoSXDPlwH5Ra6fxPq7QYfUdnxf%2BUUUT5APe4smWg691V2tdcHtcuOPh%2Bs8QJ9DBwpVqGUbzGDInJcbSw%2F34bQA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7dc604e8b-FRA
helpers.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXSLY2lQuWvy9o4CntKcmE9FuTwnzG8hwvAOPz6BEjaQNAE7RwbLY5BM%2BQWBzX%2BMwcZwP7LaR0byWks9%2F9HKHpJsOgcO%2BFlefsiRxWEPl%2F3vHw1STWZe%2FK%2BOeGr5KTiDmETKTFGKSjgitTbu0kURcxc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7dc624e8b-FRA
fontawesome.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
77
cf-polished
origSize=58662
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiYGFDnW8dzFbIECE85V5ep4bs5F8ivA%2B3EzrcQDs%2BxlKTLxToOM2%2FSk%2BacSJSAcx77GDBhU4ydTvsS%2FvKhOW8DJjABnz%2F36CeXj1jL%2BF%2FPcBI6ImJ1%2Bf0VOxcfwDi41lls76dYQzSS0ZvBoXK7iZU0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7dc644e8b-FRA
cf-bgj
minify
skin.css
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
cf-polished
origSize=12018
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNE3%2BnQotZ3JlQSxVonqEEFfk5Hvf5mgPk0sQRcpzLHobKW4nafqrAQV8W%2B1r5Kkptzax%2FabN2VM5MNatpauRsFbcXfsi6kB3tSa5fgtiAkvvDXsGjOdRXVa8p%2BBm6gioQXSdMpjqGmyLKXCJQkkd64%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7ec904e8b-FRA
cf-bgj
minify
shortcodes.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhGrtII2buJKIIFjAf1ruQeD5CGa3yztghR4SH1PrwyzI%2BCv7kiRJMkEJsQ3sWATOfTiKxeVd97hlXr93RmdzfRtBwdZlRVyM6unh6TsybwrXR5FWpxpe7GSVbXMY6yU%2Fl6QqbPsRDUWj7LoWvsAxUs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7ec914e8b-FRA
single.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51TQW2AAAaLRsNQRz6aST0V5TGbEy%2FbJ2CsxxjX6ClFXkGS1y13B%2F5caCJmCL2A8qkhWcj5r1EkB6vm3bJn%2B3DJYAIBlyKCCo6s5jeZzAKx%2Bshl7t55aaP42XuzNwzdDMMB0V9%2BmfUBgJMh%2B1AMVX7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f7ec924e8b-FRA
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186892928-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
4552
date
Sun, 31 Oct 2021 16:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 31 Oct 2021 18:00:34 GMT
wp-emoji-release.min.js
thetruedefender.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 12:55:33 GMT
server
cloudflare
age
1036
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMQucgLNwq2svyNqUcamCWDbMs4TAFWlgGZfYAT8n093Wy7acgWjmMG1ovCqzLwMnOZEM7b85GFl4QsbEOlbm64YsPbIoVdGB5Bl2MeKmd3GeQ0MfawKqPVS7vgaC7VFJeqZOB8LIi%2F38sevd0W1Vn8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f9b4e8b-FRA
print.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		2 KB
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/print.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1360
cf-polished
origSize=2175
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLp%2Byr9cZYFpM0oIn11cC%2Bs4LU21E%2FmUyeEjRsH2V1pJbTHIyrhATIU%2BWjCQYV4mHibbYPzc49zTtOQhRDnTMVVOPEYpOmQAZ4yzgP1NnzZUwhxWEY9wmbIbOwXYMR3LZXTRr9raVjvsExt46P8X814%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f9c4e8b-FRA
cf-bgj
minify
jetpack.css
c0.wp.com/p/jetpack/9.5.3/css/ 		75 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/9.5.3/css/jetpack.css
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
last-modified
Tue, 23 Feb 2021 16:08:42 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 31 Oct 2022 17:16:26 GMT
frontend-gtag.min.js
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.6.2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 22:03:52 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0%2FnwV996z2Xu9aH6832DiIFsPTPBrLUQ6lv5ieKmWV0uxs5ZyxJDpQSRgdtx4XejiaRPg6Wg5wL7NUXrl80QtoweUhFFCCrA7oaxc3od9hRHGfwhb%2BDDLHfnScT984I83VjtfAdxMyMLm4wWUSc370%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f8ce734e8b-FRA
jquery.min.js
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 31 Oct 2022 17:16:26 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 31 Oct 2022 17:16:26 GMT
frontend.js
thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/ 		439 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/frontend.js?ver=1.2.3
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Jun 2021 12:31:13 GMT
server
cloudflare
age
1362
cf-polished
origSize=1539
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30gWhMze2FSi7u%2FiwopobWo9Omv9NrTfD0F4sp8%2BY8arGv3uTYb371TyIUIQOjG8iazO6%2BXcRec5EpBE4CaGDVtNTDY0bKogK17UOEN6cJm9pOpzgdum6DLHfsxoYjXxoJfwEr%2B0pXUWbcnxtWx1uNs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f8ce754e8b-FRA
cf-bgj
minify
jquery.form.min.js
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.form.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:53:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 31 Oct 2022 17:16:26 GMT
just-contact-form-ajax-script.js
thetruedefender.com/wp-content/plugins/just-contact-form/js/ 		388 B
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/just-contact-form/js/just-contact-form-ajax-script.js?ver=5.8.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 22 Nov 2020 12:53:32 GMT
server
cloudflare
age
1362
cf-polished
origSize=463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NATmYTEnHNK2P3Grb3xe4uCyiuVIJsp53Qo3dptS%2B2bgJFbb5KxhsLmQbazqkpXw8TpPcDLSN5O3%2Fd8oFSIoCWfwHas1Q93rgXBs0dUbJcfsehcmPC%2BTe4eKHmm873hFad2c1KfhPXz9397qggxjPIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f8ce764e8b-FRA
cf-bgj
minify
/
users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/ 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
23b800e029b29e46cec33c547cda6c13c22b8db4e46af74cbb929fdf68605764

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
1452
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
cloudflare
etag
W/"589e3-3HWiE9Czg/7K9ZMi6+LRpSKdkOo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
x-cloud-trace-context
4bb6710c7450d0c3a0c9478d7d1c1841
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
cf-ray
6a6e87f98a525c50-FRA
x-amz-cf-id
aTAGYnv-Rcb10MlUAKaPSYlv89EWIeQDXd_oKZwdCzXsVlD77cJ-2Q==
email-decode.min.js
thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:26:29 GMT
server
cloudflare
etag
W/"616eb975-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cELh4fA73tU17t0OkE3EFk9ccK1ZUFlF3MYfxwKGmkEY9vpK0JwOPkyS8EdzM1NjX6MFF%2FJt9o2F%2F6NTmxRXLPZn1JQgPmPcdc0f4ULUsG132tfeYx7dr7kSRCt1e6GFMO8D6OJxpDUdKSB8KZ9S5sM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f93f5e4e8b-FRA
vary
Accept-Encoding
expires
Tue, 02 Nov 2021 17:16:26 GMT
photon.min.js
c0.wp.com/p/jetpack/9.5.3/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/9.5.3/_inc/build/photon/photon.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 31 Oct 2022 17:16:26 GMT
comment_count.js
thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/ 		708 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 12:35:35 GMT
server
cloudflare
age
1362
cf-polished
origSize=889
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BklDENU8MyBnAQVrBIqoatZ4nsZIOBW8L2OkkN3SlFJnsDZsK%2FyZME1L0MxQkkMLTIwEwcoCt0ImmsvCVDi5ZAT7Oxwxfl9lgW5s%2BddvqAlZV0mcZokIEiz%2Bg3D3dtgSryjkYYlU3fJjw%2FGc43u3J0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f814e8b-FRA
cf-bgj
minify
comment_embed.js
thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/ 		878 B
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 12:35:35 GMT
server
cloudflare
age
77
cf-polished
origSize=1232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSkRD6LRlD%2FBajx0tBOuDXgx7VK7qBnN621F9YOf3ZBKisNvBBbQDU43SFvHHuiDyWiPERS1Wv6bOkv41PB%2BR0%2BUVHz1aQbos0KMp43qKF%2BuPjDndXZrwKg7%2BuhCmBwkUHJWIz%2BKdTI0aUinWWc80OE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f8e4e8b-FRA
cf-bgj
minify
6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js
clientcdn.pushengage.com/core/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/core/6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js?ver=5.8.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
80b5f56879cce5196b2c10bf238bd7e83df53c26ecf581637249d0ff8c28d770

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA60-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=120
x-amz-cf-id
Al_uhgcEeUG9TlvWj2S0CarzdpTOUtSlu5N_ZLEiMeRXGtL0dCIPdw==
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
intersectionobserver-polyfill.min.js
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Jun 2021 12:23:44 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRPEavq64%2FDeNVFlqF6fnJXRdUfKbb9f0qfa7EuERb5OWst1sWxIHMjQcnt50wSncVD4vDh%2FaFyrTGYVsc%2FuUjCJTezX5KM1YjI2RTl9mGPQPFGOtglBDDto9lsOukxHtTqKVjgaF5BOTGKE9qURLq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f8f4e8b-FRA
lazy-images.min.js
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Jun 2021 12:23:44 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0DX5HgQjwndeFAxR0dHvSD4inZ%2F%2FHO0Zna5IuEG0xR5jR%2F0IoB8QnX0YC%2FEUlOLOlJU%2FM1Q34GAtLvA4JmZXtVoFUoqG%2BcXBoep7JAXFQ4XQ4yEb8cKOcUbUk7MlaoMedvUJqt2vSGi%2F7l2%2FAe0qkU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f914e8b-FRA
scripts.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amvdruvuSef0mj7qtjcj%2BG0xRNj84B5l0pfzSVJcxOTenUzCVFqQLKp56XfPYhIXoUGZb6xJWtvQN0lu8Ik0bCWRQO9cnBZg8ODMEk5m1iHDjqlIdP%2Fqd79O8N5XxlsSQbFmhACw4LXc9FMm1Dd6rgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f924e8b-FRA
lightbox.js
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/ 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
cf-polished
origSize=81423
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syCSLdyes3CwYLnVk3pM5E0okQbnG07NNVBlwnH73Y4QMXqvlmg48Zuhu5Ub1pLNz8Td83e9%2FTxlSnIM0C68iPzj3h2dW59oAscAG3omk10EfA8CZyZTTweSXdBD1rT6i9X4r8ZC08BKm%2FMBvr%2FgPkk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f934e8b-FRA
cf-bgj
minify
sliders.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jUveUykLzgWqJgYq8DWwra8VEjIoRiWmmn7eJxoH4%2FuPOPqvmvVVSMc0w%2FjB19F6NSArVkWDL51Aof5%2BKogKhtpa5sSMJS4LQnsBFvwuGY%2FgQD52Zc%2BhhT%2FmPND2tuw77f6SXu0%2BPl8%2BqTlEwq8mPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f944e8b-FRA
shortcodes.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
cf-polished
origSize=11181
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NnoVCyN%2Fxf5j2w613ycbH76YsLhWzf%2FZRzYgKkVxnAmixWHoWdQbZPr7OseXVWnCjLnOWG9h%2BUF8r73IPv4LJs4bBYxlddelhUpd8o%2FnEYiWXyQcqsUSQXegnQhuWKFEUGZ8pdKu%2BKaa2hxpb1Kt1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f954e8b-FRA
cf-bgj
minify
desktop.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
660
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXsj%2F0Gw4qRmSF%2BhL8G2a7l7fCSVddZn7pjhxTf9fcQKg5PC6LWqi5tz73D2yMcCzF%2BMY97uLVZTHo9%2BFc6H99GGyIkQNiRDqaNGyvuvw0RW%2FhETMpdZKkKj7kNL6iaO3QjiRQ9%2BbuQXAusCoIUww74%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f974e8b-FRA
live-search.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
660
cf-polished
origSize=14601
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tg5IjsfRezR%2BOvHrvillo8tEJ%2Fae%2FRm9gokeznEjuilW8cS7ET1DpXGZCYnXH9d%2Brp90vs3pHdYntbObjVPhqISl5aA7PnN1e3uOID1c357goRdnXWRjehTxPUHV5x7%2BVhcWnf49cC71v2%2BOli1kVpA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f984e8b-FRA
cf-bgj
minify
single.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqunF6cVWWXJHb7k6Q3wflvuE18GRgO2Yc1sC8C1JLX%2FoSWVMFtfT%2B2gOuZciVyFf7x4%2B6XixXdzQ9BRhu%2Fa7GlE5q%2B4FlKrx7aE2%2BSodBIgiW8PBoJxA8q1H1h%2BVT2Ct%2FIgh4ZC7Oe8ZjrfUrsc4VY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f994e8b-FRA
comment-reply.min.js
c0.wp.com/c/5.8.1/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/comment-reply.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 31 Oct 2022 17:16:26 GMT
wp-embed.min.js
c0.wp.com/c/5.8.1/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/wp-embed.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Mon, 31 Oct 2022 17:16:26 GMT
br-news.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
1362
cf-polished
origSize=5594
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHiGP0joPxr4RmFM5G8M7Xi2ZnesY1ngDbID6gPvQ2XxHkAdvaFuaRH87gFJ0%2FC8CnBjVl0SrUbFYezgLBeLuPbLwVG5s%2BvYicuJo8QSBYd%2B7J12k8CYKhZ2jJPDifAxSVYYXc4Y6cmdP%2FlkQIlKU8A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6e87f94f9a4e8b-FRA
cf-bgj
minify
e-202143.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202143.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 16 Oct 2022 21:07:39 GMT
thetruedefender_thetruedefender_sticky.js
cdn1.lockerdomecdn.com/embeds/ 		1020 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4e00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 04:40:52 GMT
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 16:39:44 GMT
server
AmazonS3
age
45335
etag
"5bc9056f1e2006913082934b4e7f8720"
x-cache
Hit from cloudfront
x-amz-version-id
5SJgwcOSQVDADRfSedXeHumqp.bTbaay
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-type
application/javascript
content-length
1020
x-amz-cf-id
WcQP7kcEcetZ3tZYq1fH_oMm-WYEypu-klLmSh8Nw8yoKwzx24Crug==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 31 Oct 2021 18:13:15 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
4dba1e011745c1bec0b32691b466bf85c8972935bdb186a45fc96296136b23d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1029 / 787 of 1000 / last-modified: 1635545062"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27294
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Oct 2021 17:16:26 GMT
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 08:09:18 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
3316029
etag
W/"6dd0a13bde35d2daa452bba998871016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
N_5D-mi4jnSOi6OxJkstkeFmDfo1QZpZD83Ne2XWk0Zh-qkF1tSENQ==
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:b600:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:03:42 GMT
content-encoding
gzip
last-modified
Fri, 29 Oct 2021 19:55:39 GMT
age
54778
etag
W/"14f4-17ccd9f44a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
rNT3ceuwS2ofn7YBFgyrUZKsF_SXeB89dovi45Ffdq7722L9eZg46g==
inject.js
de.scribd.com/javascripts/embed_code/
Redirect Chain
  • https://www.scribd.com/javascripts/embed_code/inject.js
  • https://de.scribd.com/javascripts/embed_code/inject.js
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://de.scribd.com/javascripts/embed_code/inject.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date
Sun, 31 Oct 2021 17:16:26 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19142-FRA
vary
x-cache
HIT
location
https://de.scribd.com/javascripts/embed_code/inject.js
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
TheTrueDefender
xn--r1a.website/s/ Frame EC3D 		108 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--r1a.website/s/TheTrueDefender
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e83944ba659d994bdee15b8cf66fd6eff4904c38e273e8f2c97ec9d3288b6944
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
nginx
Date
Sun, 31 Oct 2021 17:16:26 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
no-cache
Cache-control
no-store
Strict-Transport-Security
max-age=35768000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Untitled-326.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/10/Untitled-326.png?resize=390%2C220&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
38734127be941ba31d63acb2b27a45a4cf75e614b12e91b1402114353597449a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Sun, 31 Oct 2021 17:16:26 GMT
x-content-type-options
nosniff
last-modified
Sat, 30 Oct 2021 16:22:04 GMT
server
nginx
etag
"f6e0286d1227bef8"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/10/Untitled-326.png>; rel="canonical"
content-length
69892
expires
Tue, 31 Oct 2023 04:22:04 GMT
Capture-351.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/10/Capture-351.png?resize=390%2C220&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
f857300ed4558852467fa6d67eb9808e45ebb6d5442241944e6aa0844f38f98a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 31 Oct 2021 17:16:26 GMT
x-content-type-options
nosniff
last-modified
Sat, 30 Oct 2021 17:09:46 GMT
server
nginx
etag
"a7f5c46f35c5f6b5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/10/Capture-351.png>; rel="canonical"
content-length
65498
expires
Tue, 31 Oct 2023 05:09:46 GMT
content
de.scribd.com/embeds/535977673/ Frame E1E9
Redirect Chain
  • https://www.scribd.com/embeds/535977673/content
  • https://de.scribd.com/embeds/535977673/content
150 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.scribd.com/embeds/535977673/content
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b918677b3b3691728ff1f45edafcd4c0ee5653fd2812f79f27a253913837ac2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html; charset=utf-8
server
nginx
status
200 OK
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-request-id
c0bfaa56118817e7064608dd4a730dd57ae1da4c85670ea10f85fbd81357536b
x-runtime
0.077421
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
accept-ranges
bytes
date
Sun, 31 Oct 2021 17:16:26 GMT
via
1.1 varnish
age
18559
x-served-by
cache-fra19142-FRA
x-cache
HIT
x-cache-hits
1
vary
Accept-Encoding, X-Language-Locale, X-Bot
content-length
44542

Redirect headers

server
Varnish
retry-after
0
location
https://de.scribd.com/embeds/535977673/content
accept-ranges
bytes
date
Sun, 31 Oct 2021 17:16:26 GMT
via
1.1 varnish
x-served-by
cache-fra19142-FRA
x-cache
HIT
x-cache-hits
0
vary
content-length
0
count.js
thetruedefender-com.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender-com.disqus.com/count.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
233
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 28 Oct 2021 19:06:48 GMT
Server
nginx
ETag
"617af4c8-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
_Lf_aQWSSp2qkXznM2kYav8BYGvaxzESWwOJ3Q2utZPq78EdavXqcg==
embed.js
thetruedefender-com.disqus.com/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender-com.disqus.com/embed.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
98c89a5b22452f0eaebb193320aeecd474794274181c61504e3b75de313c7558
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:26 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router_gunicorn
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24524
Cross-Origin-Resource-Policy
cross-origin
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1504503265&t=pageview&_s=1&dl=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&ul=en-us&de=UTF-8&dt=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!%20-%20The%20True%20Defender%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=1805571171&gjid=807909745&cid=1373192930.1635700586&tid=UA-186892928-1&_gid=2038097024.1635700586&_r=1&gtm=2ouar0&did=dNDMyYj&z=666723150
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.5.3&blog=189343063&post=34320&tz=0&srv=thetruedefender.com&host=thetruedefender.com&ref=&fcp=1138&rand=0.2162402462667452
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 17:16:26 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
sjs.js
cdn1.lockerdomecdn.com/embeds/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/sjs.js
Requested by
Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4e00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
.wYtctBP_XBnIa5iny.dScquLAjeZQyF
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 16:45:53 GMT
server
AmazonS3
age
55997
etag
"4b1238444af4e820876b6750a0d87dbf"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sun, 31 Oct 2021 01:44:03 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
17533
x-amz-cf-id
9cRbyN2XsbvQjfI8m1ZLzy5ra_nZ5tS1Y14zTSn5_wzZdt3dL5oZMw==
entities
users.api.jeeng.com/ 		145 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/entities?description_md5=&domain_id=0Lvxx4MBY1&image_url_encoded_md5=&image_url_md5=&published_at_md5=&read_only=false&sdk_version=4.8&title_md5=&url=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:39ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d47e461661eb4536ac06275581c61f2abb9fb63dfbbbc4dc7aededdd013676c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
x-cache
Miss from cloudfront
content-encoding
gzip
server
cloudflare
etag
W/"91-XVOg7Sf0+uIBIOxCk7uTDhj0zH0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
f41b7eb4ed6f17f19dc0d9ef6d1c5653
cache-control
max-age=3600
cf-ray
6a6e87faac7a5b8c-FRA
x-amz-cf-id
0n7ZBO5mEtpbMo3kMqSNAUy50sC3jq5h1LBD6uki60ocr8G4QKWnxg==
01552dc04c1d234a01413add9d8d09cd
secure.gravatar.com/avatar/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/01552dc04c1d234a01413add9d8d09cd?s=140&d=mm&r=g
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0111ef8fb7bab66f02ebb76acf1c20ebff86c7eddef1834b50529d3396410c26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 31 Oct 2021 17:16:26 GMT
last-modified
Wed, 17 Feb 2021 14:09:30 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="01552dc04c1d234a01413add9d8d09cd.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/01552dc04c1d234a01413add9d8d09cd?s=140&d=mm&r=g>; rel="canonical"
content-length
39893
expires
Sun, 31 Oct 2021 17:21:26 GMT
Capture-350.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/10/Capture-350.png?w=377&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
b19b9e1c13db650045da6731522c1b57b4ea0aef5544c5d4e1bb4704ba120385
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 31 Oct 2021 17:16:26 GMT
x-content-type-options
nosniff
last-modified
Sat, 30 Oct 2021 21:03:41 GMT
server
nginx
etag
"850ee48a91778ace"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/10/Capture-350.png>; rel="canonical"
content-length
36920
expires
Tue, 31 Oct 2023 09:03:41 GMT
Untitled-343.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/10/Untitled-343.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
9e3bec5a0e6159e2dc22dc4fae2d61909f0e95a7f12b9a1e36b1a72418136de8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Sun, 31 Oct 2021 17:16:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 31 Oct 2021 14:18:46 GMT
server
nginx
etag
"86a1717d780c8ce9"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/10/Untitled-343.png>; rel="canonical"
content-length
42198
expires
Wed, 01 Nov 2023 02:18:46 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211031
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde8d8d5c56eb93e433b3b333cb6cbab4e98448622c6738f28264f66657164df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
8128
x-jsd-version
1.0.1147
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19142-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69b-+7Buvc1FuMFlzBk7+4iub7C2hks"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a6e87fafa5c4ece-FRA
localstore.js
script.4dex.io/ 		483 B
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29825
content-type
application/javascript
x-amz-request-id
txfb885b5eaead480dbfa2f-00617b9d6a
x-amz-id-2
txfb885b5eaead480dbfa2f-00617b9d6a
last-modified
Tue, 26 Oct 2021 12:44:38 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgbkDkUrHcPbdSS6pbL5khmCuXnLSPoPIMaQH6jXkrgtqMFWp0rJgMc6mhGsseHAGU7HIhxaEgqp48nhls8sqODY%2BrXectjZSc05MNgkt2vvmD2hChGzGCcjjx1Cs41WUEEAQLztd9ZQGksW"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1635252278092292
cache-control
public, max-age=1800
cf-ray
6a6e87fb08667039-FRA
expires
Sun, 31 Oct 2021 17:46:26 GMT
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=43166649839
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
bid-request
rtb.adpone.com/ 		766 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=121725125956429&gdpr_applies=false&consentString=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ec34e53b0a6ab6f03198469fe0b957729d764a3e8136e84c376bf98fad28203

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKaBhgZEsyar2Av8LD7qtidEYahIIRz%2F%2F8XSrqZ22G66rM8gs%2Fhlu27dQvNhYRmbclzTbwzfqFVb0oOvpHrIXHZYB7R0w0KsvZI2VcINyPGABft%2FLvvNf%2F%2BQrRcLgpCGWsses8XLMhCC3clH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a6e87fb1842690d-FRA
prebid-request
onetag-sys.com/ 		15 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
fc8692c03ecd72d74873bd79e589f6e29f1fdf7c5a25109ac8daa50250cb8ba9

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b23%3b99
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
adjson
ads.betweendigital.com/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
a008ad674f22dc48af9ca67bf7c4d2496a5d87a2cf71757317e9b98905c3609d

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v2
i.connectad.io/api/ 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6a6e87fb2f6a4e25-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
apacdex
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a6e87fb28f56913-FRA
c
prebid.a-mo.net/a/ 		0
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		139 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e561818dbcfdc36bd303e31a62735f68011399640bcd7210bc03ac27293b4780
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:26 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c52e2a5d-a214-4f07-a66b-642cbd1b49dc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c7a5f6507f395b607ab3e05cc7dfc92951e54438e5a708fc10e2f40cd3d0fddb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:26 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
dfb17997-65ff-4733-bd28-d0f67ac355a0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adjson
ads.betweendigital.com/ 		2 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		139 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
79c1f9f5001ed4be018b8adf92faa9e5d5e7021ce8371211aae6f87b5f77bb48
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:26 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1b67da91-d5a0-4e0e-bf35-f10131312755
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
c
prebid.a-mo.net/a/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		139 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
725bbf672ea72d26044d1cfc6913fade311e7a1b46d15839b34d551398251856
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:26 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
441e4dc8-e349-49ec-9ccd-5b52bf11e5c4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apacdex
useast.quantumdex.io/auction/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a6e87fb28f76913-FRA
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
15f0f05adf60294a3eb044c7fcd6321b8b56b6613364e2d006ef8fdc03e22869

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b5%3b78
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=62894634591
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
i.connectad.io/api/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6a6e87fb2f6d4e25-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pubads_impl_2021102501.js
securepubads.g.doubleclick.net/gpt/ 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122594
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 08:35:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 31 Oct 2021 17:16:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		125 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thetruedefender.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
f6d836acd1e04a5a600e876f874a681d1590b961b051390c62b61fe6d8570f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
expires
Sun, 31 Oct 2021 17:16:26 GMT
13997836195017830
lockerdome.com/lad/ Frame 107D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Sun, 31 Oct 2021 17:16:27 GMT
14009642120598886
lockerdome.com/lad/ Frame 2863 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Sun, 31 Oct 2021 17:16:27 GMT
source_sans_pro_regular.latin.e8ecbdac.woff2
s-f.scribdassets.com/webpack/assets/fonts/source_sans_pro/regular/ Frame E1E9 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/assets/fonts/source_sans_pro/regular/source_sans_pro_regular.latin.e8ecbdac.woff2
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b310f6ca0d12500d3d264aa9cc241256f55d65dbdb782485b5bd542d8ff97a8f

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
via
1.1 varnish
age
5160437
x-cache
HIT
x-cache-hits
15145
content-length
15956
x-served-by
cache-fra19166-FRA
last-modified
Wed, 01 Sep 2021 21:33:59 GMT
server
nginx
x-timer
S1635700587.841694,VS0,VE0
etag
"612ff1c7-3e54"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sat, 30 Aug 2031 23:49:03 GMT
source_sans_pro_600.latin.76017e81.woff2
s-f.scribdassets.com/webpack/assets/fonts/source_sans_pro/semibold/ Frame E1E9 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/assets/fonts/source_sans_pro/semibold/source_sans_pro_600.latin.76017e81.woff2
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b9d5a62513a369a10224f1dc73a463dc165eb58bd798dbb4cb4810ca2b5c79f

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
via
1.1 varnish
age
3944009
x-cache
HIT
x-cache-hits
15093
content-length
15860
x-served-by
cache-fra19166-FRA
last-modified
Wed, 15 Sep 2021 20:33:33 GMT
server
nginx
x-timer
S1635700587.841731,VS0,VE0
etag
"6142589d-3df4"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sun, 14 Sep 2031 01:42:56 GMT
icons.d2ecf18b.woff2
s-f.scribdassets.com/webpack/assets/fonts/icons/ Frame E1E9 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/assets/fonts/icons/icons.d2ecf18b.woff2
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d1bb89b263061363ceb33944389da5dee8d2c2f13e98f02b898d6dc06b25b4ad

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
via
1.1 varnish
age
12501249
x-cache
HIT
x-cache-hits
6785
content-length
26448
x-served-by
cache-fra19166-FRA
last-modified
Tue, 08 Jun 2021 21:16:17 GMT
server
nginx
x-timer
S1635700587.841776,VS0,VE0
etag
"60bfde21-6750"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sat, 07 Jun 2031 00:42:18 GMT
2.f7f4c0b10025a26ef6b3.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		72 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/2.f7f4c0b10025a26ef6b3.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7cab66a8b18e995ab4f2a12c8805b4874123a1f838fe32f0749c403883e999f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
3355060
x-cache
HIT
x-cache-hits
27596
content-length
10295
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Wed, 22 Sep 2021 20:04:46 GMT
server
nginx
x-timer
S1635700587.841117,VS0,VE0
etag
W/"614b8c5e-1216b"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sat, 20 Sep 2031 21:18:46 GMT
3.fa6358ea6b372a5e508c.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/3.fa6358ea6b372a5e508c.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5909df2b4cb3a39678fe479dd86dcbbd1db58d721625d5ae67442a832333bfd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
952719
x-cache
HIT
x-cache-hits
12067
content-length
3107
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Wed, 20 Oct 2021 15:52:11 GMT
server
nginx
x-timer
S1635700587.841184,VS0,VE0
etag
W/"61703b2b-3aa7"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sat, 18 Oct 2031 16:37:47 GMT
5.f28daf50257e42343d65.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		325 B
272 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/5.f28daf50257e42343d65.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3531ba4312b55e897b3a54387787ea321c76f2a0627a505f1a14798ec6acd966

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
952719
x-cache
HIT
x-cache-hits
12050
content-length
165
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Wed, 20 Oct 2021 15:52:11 GMT
server
nginx
x-timer
S1635700587.841232,VS0,VE0
etag
W/"61703b2b-145"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sat, 18 Oct 2031 16:37:47 GMT
7.74c69de849696fdb3b2e.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/7.74c69de849696fdb3b2e.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
679f76b44a08ca36fcd217d02b6b4b9246c7b664fdfaa1a6d0dfb4eab4dd409f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
955286
x-cache
HIT
x-cache-hits
11024
content-length
1761
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Thu, 14 Oct 2021 11:14:39 GMT
server
nginx
x-timer
S1635700587.841318,VS0,VE0
etag
W/"6168111f-1e7a"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sat, 18 Oct 2031 15:55:01 GMT
9.a8a7920ef603fc14072f.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		2 KB
855 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/9.a8a7920ef603fc14072f.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6537bddcfb2e50c47ec4d41857f7bd23f557e53b8787e607bc839eb8e5d76620

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
952719
x-cache
HIT
x-cache-hits
12032
content-length
592
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Wed, 20 Oct 2021 15:52:11 GMT
server
nginx
x-timer
S1635700587.841355,VS0,VE0
etag
W/"61703b2b-926"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sat, 18 Oct 2031 16:37:48 GMT
11.f325a7b474ba11f01026.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		1 KB
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/11.f325a7b474ba11f01026.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4d5d18946a1db5fd28a256f3a251ce56149ee883f6be8b87b0ad81b9c8ed2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
1470821
x-cache
HIT
x-cache-hits
17020
content-length
348
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Thu, 14 Oct 2021 16:34:54 GMT
server
nginx
x-timer
S1635700587.841425,VS0,VE0
etag
W/"61685c2e-507"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sun, 12 Oct 2031 16:42:45 GMT
13.d50ebbd0244670746bd7.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		3 KB
506 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/13.d50ebbd0244670746bd7.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8cd5cd3d1ea346788918230fbf2f5bf676338538cb9ba53eaf034c64f1c7d3bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
952719
x-cache
HIT
x-cache-hits
11949
content-length
257
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Wed, 20 Oct 2021 15:52:11 GMT
server
nginx
x-timer
S1635700587.845845,VS0,VE0
etag
W/"61703b2b-b10"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sat, 18 Oct 2031 16:37:48 GMT
18.773ef80a75f38757b178.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		4 KB
902 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/18.773ef80a75f38757b178.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
112c2415c92b2848b6a960a0c13fe10ae2380423b49a258b14a11be9ff9d40a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
433282
x-cache
HIT
x-cache-hits
4018
content-length
767
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Tue, 26 Oct 2021 15:05:13 GMT
server
nginx
x-timer
S1635700587.845685,VS0,VE0
etag
W/"61781929-e65"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Fri, 24 Oct 2031 16:55:05 GMT
19.cb7c92d059c7802b4652.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		50 B
179 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/19.cb7c92d059c7802b4652.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ab8834afc3e65fb847fc9bbce9668c938579cf0fd2fd7d3134127e2e7d554601

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
685907
x-cache
HIT
x-cache-hits
4014
content-length
46
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 13:34:09 GMT
server
nginx
x-timer
S1635700587.845796,VS0,VE0
etag
W/"615ef751-32"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Tue, 21 Oct 2031 18:44:40 GMT
21.c67dfb86a832e141b9ff.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/21.c67dfb86a832e141b9ff.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
29998f7198a07a57187a4b8b860ee22cda8b775c3e81b79ea964ed200fe307a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
433282
x-cache
HIT
x-cache-hits
3962
content-length
2490
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Tue, 26 Oct 2021 15:05:13 GMT
server
nginx
x-timer
S1635700587.841788,VS0,VE0
etag
W/"61781929-1ddd"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Fri, 24 Oct 2031 16:55:05 GMT
22.79cdd3bad3c0e0107b82.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/22.79cdd3bad3c0e0107b82.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f259fd86ae2dbac357300c2597ae887054c779ec74f17775009131d133bf916

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
433282
x-cache
HIT
x-cache-hits
3979
content-length
5237
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Tue, 26 Oct 2021 15:05:13 GMT
server
nginx
x-timer
S1635700587.841493,VS0,VE0
etag
W/"61781929-69bc"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Fri, 24 Oct 2031 16:55:05 GMT
embeds_new.4c7b1149a2a215b07588.css
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		228 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/embeds_new.4c7b1149a2a215b07588.css
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eed96f3e590c532b46981bb0a80b5d2e873c751ce6c2dc73dec17b4d580275ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
921048
x-cache
HIT
x-cache-hits
400
content-length
26034
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Wed, 20 Oct 2021 20:12:41 GMT
server
nginx
x-timer
S1635700587.845756,VS0,VE0
etag
W/"61707839-38ed2"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sun, 19 Oct 2031 01:25:38 GMT
exposed_to_client.js
de.scribd.com/options/ Frame E1E9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.scribd.com/options/exposed_to_client.js?1635681900=
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e202fed30124e0962ab5ac656898319d788869f8d72e3219b7228e19d74aa3cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/embeds/535977673/content
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
65
x-cache
HIT
status
200 OK
content-length
844
x-xss-protection
1; mode=block
x-request-id
65d63486f8e6f9cacee982f56457013945f50450d7b0d0d6e7edf0091b988f32
x-served-by
cache-fra19142-FRA
x-runtime
0.008633
server
nginx
x-frame-options
SAMEORIGIN
date
Sun, 31 Oct 2021 17:16:26 GMT
vary
Accept-Encoding, X-Language-Locale
content-type
text/javascript; charset=utf-8
via
1.1 varnish
cache-control
public
etag
W/"e202fed30124e0962ab5ac656898319d"
accept-ranges
bytes
x-cache-hits
1
jquery-3.3.1.min.js
s-f.scribdassets.com/javascripts/ Frame E1E9 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/javascripts/jquery-3.3.1.min.js?6497c5065
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1228
content-length
29597
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Tue, 28 Sep 2021 20:07:02 GMT
server
nginx
x-timer
S1635700587.846160,VS0,VE0
etag
W/"615375e6-1538f"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
css
fonts.googleapis.com/ Frame EC3D 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 31 Oct 2021 17:08:18 GMT
server
ESF
date
Sun, 31 Oct 2021 17:16:26 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Sun, 31 Oct 2021 17:16:26 GMT
widget-frame.css
tlgr.org/css/ Frame EC3D 		67 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/css/widget-frame.css?46
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
4d99f2c1e6fde96e2c2308b915e4da16aee198a8d8f86b9350676830544b66fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
text/css
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Nov 2021 17:16:26 GMT
telegram-web.css
tlgr.org/css/ Frame EC3D 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/css/telegram-web.css?19
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
2892a779cee25c3a681f6c8d4c779f0e8632741aec6485a87da48000d84b96c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
text/css
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Nov 2021 17:16:26 GMT
StYIZPqxY8NoOM8K7jQ6ZDZEEu7LD_rMKWGT1uETyMKrxUxG2V-g3JqUJCXS4Z6fh0ZBVUBSS_14NUZd8m4c5AfF9S18XM2UYN074GT4GZhaX0YVJP8zFgv0Ky_cY4zdAfzmF0GPtC5T_MJRflEixT0OfwOcpJwiWPYIaXWQACtc23IEHYwcAAZmuHlaQ_SSxjWeV...
cdn4.telesco.pe/file/ Frame EC3D 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/StYIZPqxY8NoOM8K7jQ6ZDZEEu7LD_rMKWGT1uETyMKrxUxG2V-g3JqUJCXS4Z6fh0ZBVUBSS_14NUZd8m4c5AfF9S18XM2UYN074GT4GZhaX0YVJP8zFgv0Ky_cY4zdAfzmF0GPtC5T_MJRflEixT0OfwOcpJwiWPYIaXWQACtc23IEHYwcAAZmuHlaQ_SSxjWeVrWGioBbwDnrPw9q1vgq5Fyv2WmZv0LCtbzr0DdBZYZdi7Pei-iUmN3zTB2bfqINAuIMX5yAdnLyur7MazM94r_bhQOgof7YiXaX3teqdk6eoYNigC8-mashJ-k90bjF1XwA4yQ_gyslpIYY7w.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d712796d188539ac294a0dd7a2d0b2770cbaca32d836863fd2565e6b39ae5f52
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
14470
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-14470, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
react16.63d55263784387ae046b.dll.js
s-f.scribdassets.com/webpack/vendors/react16/ Frame E1E9 		217 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/vendors/react16/react16.63d55263784387ae046b.dll.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9cd3d28d3be36021550a51ce1d85ce63cf1385383b48481981da767d6a6ba8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
2732709
x-cache
HIT
x-cache-hits
46846
content-length
61933
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Wed, 29 Sep 2021 20:42:03 GMT
server
nginx
x-timer
S1635700587.846088,VS0,VE0
etag
W/"6154cf9b-362e9"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sun, 28 Sep 2031 02:11:18 GMT
0.9be06ac18968526c1115.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		499 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/0.9be06ac18968526c1115.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d845900b944d52aaef9f31d5b79d408b9245c8696511726da5d3686c2cac8df3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1258
content-length
327
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.846397,VS0,VE0
etag
W/"617c4e63-1f3"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
1.6c9695e64773a337db9d.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/1.6c9695e64773a337db9d.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
077402b5b4b792f52e20eeef8feb0da5d6620b55867f232098431d67e6323d6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
433294
x-cache
HIT
x-cache-hits
4903
content-length
18922
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Tue, 26 Oct 2021 15:05:13 GMT
server
nginx
x-timer
S1635700587.846303,VS0,VE0
etag
W/"61781929-e546"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Fri, 24 Oct 2031 16:54:52 GMT
2.34c0303ab47193ff1d3c.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		317 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/2.34c0303ab47193ff1d3c.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f3bcdfd986f5f85973e253da2fb39abcb04f5b5f98a76328e0f47c82de7d7fc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1270
content-length
87653
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.846007,VS0,VE0
etag
W/"617c4e63-4f410"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
3.0241009b77f32e1b32b6.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/3.0241009b77f32e1b32b6.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7b91a70926e4e5af3aebfe41b5a607abe3b127e6bcc61f83b843f2100959d5fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
433294
x-cache
HIT
x-cache-hits
4905
content-length
4046
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Tue, 26 Oct 2021 15:05:13 GMT
server
nginx
x-timer
S1635700587.845886,VS0,VE0
etag
W/"61781929-2fac"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Fri, 24 Oct 2031 16:54:52 GMT
5.27082e6b915400b38e82.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/5.27082e6b915400b38e82.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c0b855fed3e7cafbb0871bca42a9e4f802530cf772f84a76e09715274731aeff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1257
content-length
3810
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.846231,VS0,VE0
etag
W/"617c4e63-1437"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
4.44eb9035d853782e7d80.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/4.44eb9035d853782e7d80.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4ecfd33a764bcf8026c73b1e55243f5a4166aec0104672f433b1d4d8a6fdd2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1148
content-length
1359
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.846349,VS0,VE0
etag
W/"617c4e63-d82"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
7.a6547b9721dac923e52c.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/7.a6547b9721dac923e52c.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
42c46bb93dd1418df72a15a8c931c3f186c9509013375d549c1907607922fba8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1141
content-length
21754
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.845954,VS0,VE0
etag
W/"617c4e63-13fdd"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
9.645091b0659e5dced56d.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/9.645091b0659e5dced56d.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38d40d88f49d568e2d16c0de60d40e8b382950b3471752f9d0fb1c4c430ee326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1265
content-length
1216
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.846456,VS0,VE0
etag
W/"617c4e63-c1f"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
11.941a47bccb9249193898.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		2 KB
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/11.941a47bccb9249193898.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a30ff072ee5be826e1be90c423ff992e732f9b9d729afc39c3e12fe0b3f6783

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1125
content-length
869
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.846500,VS0,VE0
etag
W/"617c4e63-84b"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
12.1c5c614458755c7f9d08.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		893 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/12.1c5c614458755c7f9d08.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
479d2d253d0a752d6e3f42cf1e5e4754a591e1ba34e2d222490dc699c8117315

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
952704
x-cache
HIT
x-cache-hits
10271
content-length
491
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Wed, 20 Oct 2021 15:52:11 GMT
server
nginx
x-timer
S1635700587.847292,VS0,VE0
etag
W/"61703b2b-37d"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sat, 18 Oct 2031 16:38:02 GMT
13.9cc9571c239ed3309dc1.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		1 KB
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/13.9cc9571c239ed3309dc1.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3c0d3f10fb833e44884b8f06a8d50ace01f1bfbeae008e7fe7b7fddf6e9bbe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1248
content-length
592
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.847416,VS0,VE0
etag
W/"617c4e63-45d"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
14.971e2e0718c815499f8f.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		23 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/14.971e2e0718c815499f8f.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80e633f45105746a0d83f8adeed7d3d65f6fb9bbff8f87df5413eb260d169297

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1008
content-length
17431
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.847459,VS0,VE0
etag
W/"617c4e63-5d87"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
15.b9524ca66be02e69def9.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		1 KB
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/15.b9524ca66be02e69def9.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3c0b0127a2f389842240f949e12df8c30bc6c672a688e769689e52d26546a7d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1008
content-length
508
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.847615,VS0,VE0
etag
W/"617c4e63-4b3"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
17.43b3d413d39022949e38.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/17.43b3d413d39022949e38.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a4908fae9cef98248dce6da83884d04c7a2976a803b362c06d34c41494a92b81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
995
content-length
1054
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.847547,VS0,VE0
etag
W/"617c4e63-96a"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
16.12626c25054e397373e0.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		371 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/16.12626c25054e397373e0.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
43a1d8634c554733a119de3c9f39e0dc78c378e4660e4c587c17c85650439ca9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
1010
content-length
262
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.847717,VS0,VE0
etag
W/"617c4e63-173"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
18.777495e09b212a235a5b.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/18.777495e09b212a235a5b.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee78168e1a14c845c88224351da1c3e9156ad9b4d696284946cc7a1f7cfd2635

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
997
content-length
1697
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.847743,VS0,VE0
etag
W/"617c4e63-1267"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
19.3451bc2ff2a0090ca5dd.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		1 KB
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/19.3451bc2ff2a0090ca5dd.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee08d817990b89848550e8b854c9bb72f4f53dea24605614515d409f256b899e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
991
content-length
685
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.847807,VS0,VE0
etag
W/"617c4e63-585"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
20.0d950c284188e1129f98.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		243 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/20.0d950c284188e1129f98.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b78b31a729a68c37ae8a5d895f9ab84fc75af20064738dca3f72f75a0737b29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
988
content-length
176
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.847884,VS0,VE0
etag
W/"617c4e63-f3"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
21.c608e862537268a47214.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/21.c608e862537268a47214.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
896c744a565081042d2ba4e8675474625c8080e878834974c64cedd917f07630

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
996
content-length
4795
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.847969,VS0,VE0
etag
W/"617c4e63-40d8"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
22.0372f026e13afc3d312a.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		79 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/22.0372f026e13afc3d312a.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc48ff7ad0cfd1ae65cf7bb2f535b713e18ea29726b79b2974a8a205321d3a41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
996
content-length
16365
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.848035,VS0,VE0
etag
W/"617c4e63-13b01"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
embeds_new.2aa63f92f04eab068365.js
s-f.scribdassets.com/webpack/monolith/ Frame E1E9 		194 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s-f.scribdassets.com/webpack/monolith/embeds_new.2aa63f92f04eab068365.js
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ed766581eaee6de6f81cc5918788b5d63094d90e355900403c5b4be8afdb4e74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
age
158494
x-cache
HIT
x-cache-hits
381
content-length
46812
x-served-by
cache-fra19160-FRA
access-control-allow-origin
*
last-modified
Fri, 29 Oct 2021 19:41:23 GMT
server
nginx
x-timer
S1635700587.848066,VS0,VE0
etag
W/"617c4e63-30709"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 varnish
cache-control
max-age=315360000
accept-ranges
bytes
expires
Mon, 27 Oct 2031 21:14:52 GMT
14447308783736934
lockerdome.com/lad/ Frame 46D0 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Sun, 31 Oct 2021 17:16:27 GMT
jquery.min.js
tlgr.org/js/ Frame EC3D 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/js/jquery.min.js
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Nov 2021 17:16:27 GMT
jquery-ui.min.js
tlgr.org/js/ Frame EC3D 		96 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/js/jquery-ui.min.js
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Nov 2021 17:16:27 GMT
tgsticker.js
tlgr.org/js/ Frame EC3D 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/js/tgsticker.js?24
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
7af53d7077c16f6ad9efd63a975749c4835ce6e495c337fa4176f15ed385f80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Nov 2021 17:16:27 GMT
widget-frame.js
tlgr.org/js/ Frame EC3D 		82 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/js/widget-frame.js?51
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
09255fc220032ea7ecb474d0b0b6daffccade6134caae15332892691465788f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Nov 2021 17:16:27 GMT
telegram-web.js
tlgr.org/js/ Frame EC3D 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/js/telegram-web.js?10
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
0f661b180cb5ec06a2458d8be5c013a37abe06a0d446945709010132ca813d15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Nov 2021 17:16:27 GMT
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c31acb5a1bfd3279d02d72ee15f789cf17d5a3b7aedbccfd69c7fd0c9231249f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
201013
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx3f59b4c38b1e4961ab5b4-00617bbe35
x-amz-id-2
tx3f59b4c38b1e4961ab5b4-00617bbe35
last-modified
Tue, 26 Oct 2021 12:44:37 GMT
server
cloudflare
etag
W/"8ec24d7d5eb122de640bbbbbdef4b039"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvVK6ML%2FAPvtmsiGH2Yih49puWe43bW2F6fVD5qrR5%2FqKXL2hBhFjGpcjSCY6hjEvYnpjF0MOC2gkvUbCuczAIntMMwgCf9Fe9%2BF%2Bcb0PEPbZIqAVoFWo%2FCxadd1RYMK0rIkJmEH%2FVBzQkL%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1635252277188299
cf-ray
6a6e87fbcb474a97-FRA
access-control-allow-headers
Authorization
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		139 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1e5a7b00e433692575acc609801b152c00a19cdda2b3465288c4b0a2666d5916
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:26 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f2f42ae3-2407-4775-82cd-a0a016a365c9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6a6e87fb68184e25-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
apacdex
useast.quantumdex.io/auction/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a6e87fb79a56913-FRA
/
ssp.wp.pl/bidder/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=24818139055
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:25 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
adjson
ads.betweendigital.com/ 		2 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
b8df22dc9f2226ba734d2dd89f5cf037988e844a193023c288e606016d15eeb7

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:25 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b2%3b53
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
prebid-request
onetag-sys.com/ 		15 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
0
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		139 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
6fa4798ccff41e087787bf30167254d75eac0019aab0cf06ed2023ce45ff3f72
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:26 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bb0f5d5b-90de-4d76-a8e3-f371e8ba4276
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
lounge.0646e37a1d5797cdbecb18f0498b116a.css
c.disquscdn.com/next/embed/styles/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341146
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
25963
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 27 Oct 2021 17:58:29 GMT
server
nginx
etag
"61799345-656b"
content-type
text/css; charset=utf-8
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
expires
Thu, 27 Oct 2022 18:30:40 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
timing-allow-origin
*
x-amz-cf-id
TRpg0AxfbQuB3M7uBMpccrQ_xEZ6lBWzh3iKjg-82XlmYzD_ag3AcA==
x-cache-hits
0
common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 14:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527456
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94779
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 22 Oct 2021 00:26:02 GMT
server
nginx
etag
"6172051a-1723b"
content-type
application/javascript; charset=utf-8
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
expires
Tue, 25 Oct 2022 14:45:30 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
timing-allow-origin
*
x-amz-cf-id
uwrc0OTuLk1QDW6Qo1lrCgNUzWifo9WhJtNL_obCnAzgpT9RRTAJrw==
x-cache-hits
0
lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js
c.disquscdn.com/next/embed/ 		0
119 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341146
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
120652
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 27 Oct 2021 17:58:28 GMT
server
nginx
etag
"61799344-1d74c"
content-type
application/javascript; charset=utf-8
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
expires
Thu, 27 Oct 2022 18:30:40 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
timing-allow-origin
*
x-amz-cf-id
4kjiucFtnD_7-yc75z2vY3LZ9iLaRFNJNVrL3cx5qQkYoQg9adnm7g==
x-cache-hits
0
config.js
disqus.com/next/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:26 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
4
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
13582
X-XSS-Protection
1; mode=block
pushengage.js
clientcdn.pushengage.com/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/pushengage.js
Requested by
Host: clientcdn.pushengage.com
URL: https://clientcdn.pushengage.com/core/6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js?ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c3d8f1101a790ab1233144c17ffcd9e31d648cd90a92cd96fafe64522b1916e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:13:03 GMT
content-encoding
gzip
server
nginx
age
203
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=300
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
srkoYlouKKVqjtYoaY5kv92LLgM0YjYNKcnTuQO4gwhfjrq8wmBpdA==
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
apacdex
useast.quantumdex.io/auction/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a6e87fbdad56913-FRA
/
ssp.wp.pl/bidder/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:26 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
adjson
ads.betweendigital.com/ 		2 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
7a58c121b6a25c9108b8f9a6528ca08b80480c5f411c51a1b184987c77dc72a6

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b2%3b115
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
c
prebid.a-mo.net/a/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		138 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3ac2099f44eb019707c946e2f80999b03498e38e9b25c73531ed708d3b12a227
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:26 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7cee4ad8-1c83-48de-a964-19460b723c34
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7498c2496b7965559570f5931927218ce4229ecbc8b5042f7b1dbb8219c431a7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:26 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
02e7e5f8-68f4-483b-89e4-e90df368fa38
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=17909227785
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v2
i.connectad.io/api/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6a6e87fdbcdc4e25-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
disqus.com/embed/comments/ Frame A3A9 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
48c927b8902d4876649f77212df673acdbd79d8b81f0d8ce0c922d661eafa64e
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Connection
keep-alive
Content-Length
2993
Server
nginx
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Type
text/html; charset=utf-8
Last-Modified
Sat, 30 Oct 2021 16:21:43 GMT
ETag
W/"lounge:view:8853441186.6db07d1a13adad1a199604240f5d7bdc.2"
Referrer-Policy
no-referrer-when-downgrade
Content-Encoding
gzip
Date
Sun, 31 Oct 2021 17:16:27 GMT
Age
11
Vary
Accept-Encoding
Cross-Origin-Resource-Policy
cross-origin
Strict-Transport-Security
max-age=300; includeSubdomains
csrf_token
de.scribd.com/ Frame E1E9 		105 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://de.scribd.com/csrf_token
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/2.34c0303ab47193ff1d3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b108ca56423e79d6695014ec2c072a4604cb8b5d2bf81fbcd50adab2e28de1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://de.scribd.com/embeds/535977673/content
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-debug
XHR
x-content-type-options
nosniff
access-control-allow-origin
https://de.scribd.com
x-cache
MISS
status
200 OK
content-encoding
br
x-xss-protection
1; mode=block
x-request-id
5ca7aa56a9b4508bb1a2c76202d3c8c24ede022a5cc9335a88de87e9454c9ff4
x-served-by
cache-fra19142-FRA
x-runtime
0.002759
server
nginx
x-frame-options
SAMEORIGIN
date
Sun, 31 Oct 2021 17:16:27 GMT
vary
Accept-Encoding, X-Language-Locale
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
etag
W/"6b108ca56423e79d6695014ec2c072a4"
accept-ranges
bytes
x-cache-hits
0
bundle.min.js
browser.sentry-cdn.com/5.20.0/ Frame E1E9 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.20.0/bundle.min.js
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/embeds_new.2aa63f92f04eab068365.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6d7bf2b801bc5f1a75cd37efc373b3d8d7de99ecd963112e306b4bf4e9005ef2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 10:29:52 GMT
server
Fastly
age
12483453
etag
"d42becc31e57b4de7aa3a30fc293d8c1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
17746
expires
Thu, 09 Jun 2022 05:38:53 GMT
sdk.js
connect.facebook.net/en_US/ Frame E1E9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/3.0241009b77f32e1b32b6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e5296b102ae5e69960002cccb13aaa87ab687b2f7ef0571967d618a6974fc692
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
6rH5v7S5wNmJkH15qcikQg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
dq9RH6jri6OFw/jTHOH4+gWi8HtdENeoU/h/UgmUClFUaAI9mC0Y6SbH1o97dQJILlL2a0vOQ6GrapNMFx+5xg==
x-fb-trip-id
686109401
x-fb-content-md5
4ed9c22c108249074f2d25cbf95d7c03
x-frame-options
DENY
date
Sun, 31 Oct 2021 17:16:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"89845451807aa77956e3d4b3576bdd3f"
timing-allow-origin
*
expires
Sun, 31 Oct 2021 17:18:13 GMT
sdk.js
connect.facebook.net/en_US/ Frame E1E9 		271 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b4dbd6d606fe263617ff63ce1aaca5c3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf943527b414f179951550393514f51cc9549bd3aaf9f1814848ad96f9230372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
b+QIsNcPxIy/2iESs+I6jQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
78155
x-fb-rlafr
0
x-fb-debug
6dCUKtaqOmreN2R9rw5TlmTarZoxh0x+6ylYm3kp4fD5e+UFDdDLaEaGoOVG5+9O+4WL7uJTG+SVSXidFfzjow==
x-fb-trip-id
686109401
x-fb-content-md5
3f6da30c0e734546ed46fd6ac35a17d4
x-frame-options
DENY
date
Sun, 31 Oct 2021 17:16:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"1882e301b40ca3e96dfeb59d1bc2e217"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 31 Oct 2022 16:04:37 GMT
lounge.load.476c68be0ef9b136177aa11ed8dc9365.js
c.disquscdn.com/next/embed/ Frame A3A9 		958 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.476c68be0ef9b136177aa11ed8dc9365.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6db623175e53f8a8fbe0dd0b9ef38213bfffab51835c940b2ff705514b3bee9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341147
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
497
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 27 Oct 2021 17:58:28 GMT
server
nginx
etag
"61799344-1f1"
content-type
application/javascript; charset=utf-8
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
expires
Thu, 27 Oct 2022 18:30:40 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
timing-allow-origin
*
x-amz-cf-id
aG7f2UhHXihVyNIfHVVISwzVIwNLvHUqdMJK5BRwZxdejx6-Grcn6g==
x-cache-hits
0
events
wa.scribd.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://de.scribd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://de.scribd.com
accept-ranges
bytes
date
Sun, 31 Oct 2021 17:16:27 GMT
via
1.1 varnish
x-served-by
cache-fra19157-FRA
x-cache
MISS
x-cache-hits
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security
max-age=31536000
content-length
0
4-21376e9fc9.jsonp
html.scribdassets.com/1rknlqngu895apsd/pages/ Frame E1E9 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://html.scribdassets.com/1rknlqngu895apsd/pages/4-21376e9fc9.jsonp
Requested by
Host: de.scribd.com
URL: https://de.scribd.com/embeds/535977673/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6583cc62c29e5bab8a683b7ca1c7d52c9db246bb9b29bbd9f9c3e2dfcf9eddfd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
p_sx9st6wqI0Zi0t9qFCExQ.ZPplvp74
content-encoding
gzip
etag
"9c0d99e2be2d3fc354a60615717f4b96"
age
64875
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
content-disposition
inline;filename=4-21376e9fc9.jsonp
content-length
1551
x-amz-id-2
p0UeZ1f3vfoyluAosGsV9lBigFiDEoKRjuQrpURvKpKkIG4OqHfxWeqtVeqO25zqYJYKqDb+ghE=
x-served-by
cache-dfw18640-DFW, cache-fra19160-FRA
last-modified
Fri, 29 Oct 2021 23:14:46 GMT
server
nginx
x-timer
S1635700587.087558,VS0,VE2
date
Sun, 31 Oct 2021 17:16:27 GMT
x-amz-request-id
CX98NNR0AWYQVFTP
access-control-allow-origin
*
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
1, 1
scribd_logo_horiz_small.svg
s-f.scribdassets.com/images/ Frame E1E9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-f.scribdassets.com/images/scribd_logo_horiz_small.svg
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/embeds_new.4c7b1149a2a215b07588.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ce26ce80e2600bac966a056baf7f56e2846350d5d3674d8a2a01adfc4700c329

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s-f.scribdassets.com/webpack/monolith/embeds_new.4c7b1149a2a215b07588.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
via
1.1 varnish
age
2734544
x-cache
HIT
x-cache-hits
23436
content-length
3010
x-served-by
cache-fra19160-FRA
last-modified
Thu, 23 Sep 2021 21:15:45 GMT
server
nginx
x-timer
S1635700587.089025,VS0,VE0
etag
"614cee81-bc2"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
expires
Sun, 28 Sep 2031 01:40:42 GMT
events
wa.scribd.com/api/v1/ Frame E1E9 		40 B
75 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/2.34c0303ab47193ff1d3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97d5aa458ae622677dbd0e091aca9796aba8b99ce226aa081b8f518390e23c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://de.scribd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
via
1.1 varnish
x-served-by
cache-fra19142-FRA
vary
Origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://de.scribd.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
40
x-cache-hits
0
location
de.scribd.com/login/ Frame E1E9 		98 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://de.scribd.com/login/location
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/javascripts/jquery-3.3.1.min.js?6497c5065
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bae3305d5151d595126e6dc587caf9a0b5d9b118789e5466674d44ead9799a9c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-Tried-CSRF
1
Referer
https://de.scribd.com/embeds/535977673/content
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
X-CSRF-Failed
3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
x-debug
XHR
x-content-type-options
nosniff
x-cache
MISS
status
200 OK
content-encoding
br
vary
Accept-Encoding, X-Language-Locale
x-xss-protection
1; mode=block
x-request-id
61c433c1c8863bc0b9f1197af96f3f1d44fa76b4ddc0fcf276f1a431b5f91679
x-served-by
cache-fra19142-FRA
x-runtime
0.004592
server
nginx
x-frame-options
SAMEORIGIN
date
Sun, 31 Oct 2021 17:16:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
via
1.1 varnish
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
x-cache-hits
0
events
wa.scribd.com/api/v1/ Frame E1E9 		40 B
94 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/2.34c0303ab47193ff1d3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97d5aa458ae622677dbd0e091aca9796aba8b99ce226aa081b8f518390e23c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://de.scribd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
via
1.1 varnish
x-served-by
cache-fra19142-FRA
vary
Origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://de.scribd.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
40
x-cache-hits
0
events
wa.scribd.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://de.scribd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://de.scribd.com
accept-ranges
bytes
date
Sun, 31 Oct 2021 17:16:27 GMT
via
1.1 varnish
x-served-by
cache-fra19157-FRA
x-cache
MISS
x-cache-hits
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security
max-age=31536000
content-length
0
rewriteframes.min.js
browser.sentry-cdn.com/5.20.0/ Frame E1E9 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.20.0/rewriteframes.min.js
Requested by
Host: s-f.scribdassets.com
URL: https://s-f.scribdassets.com/webpack/monolith/embeds_new.2aa63f92f04eab068365.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
79e34e8ea066913d88be93b8462be752ccd77e639161c8262d64cdafd886b093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://de.scribd.com/
Origin
https://de.scribd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 10:29:51 GMT
server
Fastly
age
12482155
etag
"94c725b59f7248fe327a5874961b6dc4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
2498
expires
Thu, 09 Jun 2022 06:00:31 GMT
load
ads.betweendigital.com/ Frame E610 		68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/load?randsalt=48160&context=AAAAACMJoThhdgACaQAtAs1Vza8kNxGf531arVZPC6wigRCHERJPiZSe6bb7Y4bo6e1uNrBos2GVLNoDoJXdbXe7u2332O5PCZQrl1wj8R8gbtz5DyKhcIAkyiUkB0QuKxEQhyjCM29mV5AEJE6UeqbsclW5_CtXGdyJ0ggmLCQeyiLkhQyF3jrwEw-F67WTZKsAIxD84bd_f_PkT39--2-_fHSZi2Y2A2-BwtrGfHe5tAW1uqUZZVRmVC9SJZZEU1xxmXuS9sYT1GAvVa20enS8VhpnyoM-9D1a09RyJT1NO057mnnO3egxp7wdqtZgmRlPMY_gulbWOHtpseASW6f8rz5Ea6xHqJfRlGrLGafZEqz-U5zgm-tgEazXiyBYLRIEPjq6pyZe13gZLfz5sw-5zFRv5q88mAf-wn9h7gRx-MJ8iMPn5jebpqYPKbnL7TJCyQLF82fv3nlw7-Xn5zWv6Pz7NK3Uc_MXC60EXa6dw0UYo9UiCuevYYY131uBqyFCYXJgJ3EQB2gNroV-FPowAO8cg08ugRn4KgDufwZOv-AgTnzdIfjIFFjTrdLVH9y8FcA9mzkC298z-wM9CnxwNfZRgMDx7ZfAt7-nsaxYq-0ci_k9zCU4vvMSuAIXvg-OMwqu7e0ACMDVH7r99YFdCXy0cp7DVx_cckrz5fwuzpyTnpL5fU0FbwW4Xvbc1Cqt-EUg4FsP7r-8fnTzdhRA5Ierz81PwiiJVyG4_OL9e-CZzGVaLrYXCVx-9Ue33EHATw45xZlZEGp76pDgObe43qUVZ6VR8tyeNZoSnrktT6TSAtdu9NYfAXjvw79c2kUyc5gegaMdOrv57ju5yBk4Xkc7-W51r__7k8Pe7aLj3N2z3Y6y1fVytU6WUkIKJSpImeCY6FaUIa6mqm6YZWFsoiwahjCGfdOxHsORsE7hVNih4TjPobEipEPfb1JRoq7o2tT5U6QNnQaDVrDWTrwjU6dgNeUQG6MiYrO2TohmTLMihfkI9ZCTEbWscimDcVmbliSTykNUGs1KInKYkRraaeorI0iT5yotJZ2YsLChVGBaV6YgDnBh-iGCKm3rCenSsr7mehipjRHemKJNoJ6GSDe0ixwoomOy6hCrMtEmRRUVEMabje2qjqqsZIVkqo-QIHSsOhEXKGdFbgaVRT1uY1y1eYJNMaQwo-FGTlWu-cRa2MNaoEpuygp3mbtNBspasl52-Ui7tNJNblmuRlToUca2qgXjZCN0CyckcpE6G5HWYwZNM8ISUjv1LSIyw6aMaNxPY-kgpZ1pynCjs0pw1BAbs2mTjg3tx2rTkIoxk_UtHZuNFZOQ3EViNCIMyTzXfTVOUR0WnSwjbFA0kKpVidkIrjIxwbAZQpt2aihJ2-B4UgmPWt2XukaodcgNU1lNVEVoTEnXFJB36VjJDPZhx_It_iSOepZLHOc2q43bkpR06hFr2RiOnZ4i1kfasHYkNtkkaRfyuBnwMLQVUqiHZiS8rPO4mzJa7e8P3LQpOg_OglNXWvjHPz0LYhQlvh-tYtf5gziO13ESIZRA_7Rzy2GSQBSvIDxNW33mSvDU1dQZXKAgSCIfnVrl6u7pPFklYZy4Qp59Cd3-9cc_-_pjcn7g33j_r-9-rXn4X-cH-xvf-cfj7ufgxpf5_9_o8flsX-cH7vrCE3Ki188PK0f7ngA-_dUHN9zgDdeUjsCTPuEUthr_B0_LZ9sT_Fsg2_A-O9p20s9BAC5a4BfQlR6bYGv5yaUDWkfXkO8PMPIv_-bK0eu_mPa2v_vK9rug6we_J-4ZSjzXTLeP2U6yfcoO8G5b7v4deYL97MaF1lNM_wk=
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ Frame A3A9 		282 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.476c68be0ef9b136177aa11ed8dc9365.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 14:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
527457
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94779
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 22 Oct 2021 00:26:02 GMT
server
nginx
etag
"6172051a-1723b"
content-type
application/javascript; charset=utf-8
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
expires
Tue, 25 Oct 2022 14:45:30 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
timing-allow-origin
*
x-amz-cf-id
qoQcsQ7zLFY93LHGrYwUpkr5upYx3qqjrOMy1S3nqUPqHtGtUUVTQA==
x-cache-hits
0
prebid-request
onetag-sys.com/ 		15 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
ssp.wp.pl/bidder/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
c
prebid.a-mo.net/a/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		139 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e0f1558405a2cbc294e27c29ef74942d7af07d762e9dbfd3bf53dae4774617b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
942c3b62-71df-4d6d-8e2d-2317c089706b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apacdex
useast.quantumdex.io/auction/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a6e87fdbfb66913-FRA
bid-request
rtb.adpone.com/ 		770 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=1217251311622&gdpr_applies=false&consentString=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6456a16f349bc1ea5a1fb056211f3cd00e15e1a0b243190ff45df4b4144de01

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yi0NYSB6KA4jsVu3nw5vf4W%2BIUztGHOt80cSz3WKC731LEwUoCMznxLw5Qa%2FfcMIub5iC8OUqtEY%2BJBjvRhJX84As%2FAvjftXFzpwViKCwY5cGl%2Bhzy2gMwagM0usKvOo%2FepOEqYXhImSCqOP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a6e87fdb82a690d-FRA
prebid
ib.adnxs.com/ut/v3/ 		140 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
af2e8356515db2140823997c9fe0f10ed5e06d4b47beac80ec9727488e2a3b63
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f15366d0-f7d6-4d1d-bba3-775bfd04b1c3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6a6e87fdcced4e25-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adjson
ads.betweendigital.com/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c49d7715f024a12aa4586d931b6bdf086d68555281295024422693dae428b86e

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
v1
prg.smartadserver.com/prebid/ 		16 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
46385562d9721aabc08ec929d9db7be598eab6db24819b974d375b77e7d5e6f6

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:26 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b1%3b101
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=69275054312
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:26 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Sun, 31 Oct 2021 17:16:27 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
YH5Jw_Yargtdep4adH15QRzMBUed87AIG3sRepjQ148ZBYJmhdv6BxHLsGig-01rordVgHPvypxQlmGuWqfhboqaX1FDUMiBK7lmDOK3UV9QqrHOr8j_HKJ7pRE8cURSjC8AUllaYteCUQ-ke79ZyVkFf6PeHVlv6jeLVYJho5NVcE6WgyKiY3YtXM4mq8lPpD3rR...
cdn4.telesco.pe/file/ Frame EC3D 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/YH5Jw_Yargtdep4adH15QRzMBUed87AIG3sRepjQ148ZBYJmhdv6BxHLsGig-01rordVgHPvypxQlmGuWqfhboqaX1FDUMiBK7lmDOK3UV9QqrHOr8j_HKJ7pRE8cURSjC8AUllaYteCUQ-ke79ZyVkFf6PeHVlv6jeLVYJho5NVcE6WgyKiY3YtXM4mq8lPpD3rRoQWFgbspLLIE90bt4gNMduLLbwHlatTX3feQRfFCWTl8gjHZe43d4XMVKpXZt1VCl9qqU3FGzSBHICPYWWitJ4nayktx5oRfLahDsw9ZRbdyuXnIM0_CEljSumbapj8JD1iwS6UJlKvbBF87w.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6a22fea0d1ce530da5d5278227de19dba8563a6416f093e1b177f08d805639c2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
44915
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-44915, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
truncated
/ Frame EC3D 		683 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
bx57EEmzb1E3ECYQOrjTjOi86UXksfL5W0ZO19oIqbHtv5sjDyrOc17Dve4qvDgSd6eJbYFJKlKkp1ROoRxfoibqx6gbneXgtSfDdJM4jnPWLBuB9HbTTLODTCYD6SEj7VNxrG6QLW9O2CVK2s4vA3HzlpXFg0chLmK-uLWQFh8sOYmhIHVGxYRSxaix6tpAIFErh...
cdn4.telesco.pe/file/ Frame EC3D 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/bx57EEmzb1E3ECYQOrjTjOi86UXksfL5W0ZO19oIqbHtv5sjDyrOc17Dve4qvDgSd6eJbYFJKlKkp1ROoRxfoibqx6gbneXgtSfDdJM4jnPWLBuB9HbTTLODTCYD6SEj7VNxrG6QLW9O2CVK2s4vA3HzlpXFg0chLmK-uLWQFh8sOYmhIHVGxYRSxaix6tpAIFErhqiAVy1XUVjiOGnrwKN--HoNlHSiclSb0tJQ-HYv6gViRDPe2n9DLJl-plXwUAbkVSMJ7Tk_GeOsbsCYIf05-A1QB-0ke_8auIkE2EyktqJGXtmxy0aeVnKdaXHdvq2i9RZXEj2G9uXFS__MAA.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1c76aa98178168a1d4b90773f659cfd410764fe8f218a37c74a6fbc4e64f15ec
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
25882
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-25882, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
GXtOjK6GrdXreeKV5zkaVZdv9hAfvtNkI0CHy-R5P3pqKGW46fZY0yi5gLSRZwxmVXu9CJ0qvQlCPZAfpVZ7kfqVDZz6km1I6zipk_cpscf5zXMCXmX-QzF_H8VVtyFmdfH3sywKXZ0bf6F8S_DAjw_pSqWrX2L4k8mjymmp6rOf4km57w0wR7BxosD_tLTybe5I5...
cdn4.telesco.pe/file/ Frame EC3D 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/GXtOjK6GrdXreeKV5zkaVZdv9hAfvtNkI0CHy-R5P3pqKGW46fZY0yi5gLSRZwxmVXu9CJ0qvQlCPZAfpVZ7kfqVDZz6km1I6zipk_cpscf5zXMCXmX-QzF_H8VVtyFmdfH3sywKXZ0bf6F8S_DAjw_pSqWrX2L4k8mjymmp6rOf4km57w0wR7BxosD_tLTybe5I5rvIaS6GcIhDal-bbA_jTLQ1W22Ja99o3_il-7dlgyXobaRB9zOkeoh7vcSl-LumJFbgMeMHxv2sRSORa7r9tPBY-0C31KhoyT3vNNm5X2oyfRWYeuWKuy5gSO0l_wbd70uw6r8vjQUHXBzpiQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
81e6a229e6d54d5353a5b2f4e61603327e2c6492d75bbb7f1d31e6add1a4ae5d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
40248
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-40248, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
TMX8Yy7cCOIQNj5KYg1TlANHKoKDF2rlmFVo2X4WECy8Rib2-i1ZWdJHNuqvACLx-KUbpQOPLaO123QO5rItNJJ3zHUdT-WEdzmwH9Jkf1bbKVYKx6U7mvTDitKJu31KmAfEgQUB3eAI9aU9gSqqdCLjvmaf3YbOsJeSXQO8hz3JTP9WCT1KnhZUhjI6hB-jgX3rG...
cdn4.telesco.pe/file/ Frame EC3D 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/TMX8Yy7cCOIQNj5KYg1TlANHKoKDF2rlmFVo2X4WECy8Rib2-i1ZWdJHNuqvACLx-KUbpQOPLaO123QO5rItNJJ3zHUdT-WEdzmwH9Jkf1bbKVYKx6U7mvTDitKJu31KmAfEgQUB3eAI9aU9gSqqdCLjvmaf3YbOsJeSXQO8hz3JTP9WCT1KnhZUhjI6hB-jgX3rGNth_w--U7CPlMoWd8NCfuDzAnvanPqx2ztnqwQosjB1KmdRJh318Vqh-218wwfV2yi02Z6T4fRAGyMFlIp4ekVlvDpc8zRu5pWCjBK824B1zOiC0ecUxrmSCGXXgU4__ovsPcSPKC50wFOImw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3957a54799bf6ef657934607e52d99c1f0355063a1e3ceceeb56729135192e75
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
49461
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-49461, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
ljpSmOl3PBJYbP-D1UnHqYiBnEAPXyv_5YhKOFmrmHfmr5UkfqO35f7HI62-RojbxAmMobgLcgnnTnbhRuyU1NzwlVHxnwAil3p-nMMIzq1dE87DN9R6CovVJjWxa1aoT8dOHC6-3MPzIoQAav1HiBe4D-ghpOnacA_AShmQU9wKNljngyluv-O4EgqMlbMWsgAIT...
cdn4.telesco.pe/file/ Frame EC3D 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/ljpSmOl3PBJYbP-D1UnHqYiBnEAPXyv_5YhKOFmrmHfmr5UkfqO35f7HI62-RojbxAmMobgLcgnnTnbhRuyU1NzwlVHxnwAil3p-nMMIzq1dE87DN9R6CovVJjWxa1aoT8dOHC6-3MPzIoQAav1HiBe4D-ghpOnacA_AShmQU9wKNljngyluv-O4EgqMlbMWsgAITeovukbwYpILpZO8wvPUqNx6jnOemjNbtWCPtcoQfJRjQOoI60lSSRxTZEyaCi2kzgCEQKxxfTrzyaz3CDyoF_BKJc2lwiif6lQrjNDslsYSeZCSIhsmR54iE2Vjb0-lfx-x5TeZtIsh8O5eqg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
201531608a77917e84bf96bc44aec6def53c7ef5afa4aee18a9cafdf266e73b9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
38215
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-38215, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
LUvxIJxS8DNM2h0e4y4fJUJ2aez1OgkihId4o7C8okZNZETEdNpGh3kmYQ7qBu0-oqAHcRs7iWFQVNJNAaGuhCzQ_s4fyPRuGevR_xdeyOQ6HtvcrG_frdBhGe829lRUd3yXFBdk17rEbV6V9lJI_YBz5SJXcxhc8Qj8dFXelJtYZLqL5rtAQck-7lX5BqQlA3Ugn...
cdn4.telesco.pe/file/ Frame EC3D 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/LUvxIJxS8DNM2h0e4y4fJUJ2aez1OgkihId4o7C8okZNZETEdNpGh3kmYQ7qBu0-oqAHcRs7iWFQVNJNAaGuhCzQ_s4fyPRuGevR_xdeyOQ6HtvcrG_frdBhGe829lRUd3yXFBdk17rEbV6V9lJI_YBz5SJXcxhc8Qj8dFXelJtYZLqL5rtAQck-7lX5BqQlA3UgnXVwx_xN6HLUDHQBjls2ClLRlIIKKoVMHNQbCd1HQwitloyd636Z9hnrEn34zGxYnelKi7PyhBz0D73kk8DAA1dnFCAR2vEGvm_SWt7Iy0JQrfTCfQOUVM8hxBS2R8O8ixDypsO4SdLbWus8VA.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a930f01f1e0a5624038faac6bf24dea94ccb9eeab93434aa1b63a0ec3d170909
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
104030
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-104030, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
QQvU8PMaJYZxrPIsC3Sy92Nj5RMo1JhnJn34OyrU0MSLBc5ilf2p0rTLA6Uw5fc-7o3SgKWzocMWA-wsOVN5QQq36iq9C9GcyvIkY7BJv8TdZKJr87mIJw_Xu9aV_dvVHq5xRFn6VDamOPqSY9YaHN4Pv-WS3hxhUZheF3fQpMLhr6wlAHC5d2j_Z_C0_AovoKDy-...
cdn4.telesco.pe/file/ Frame EC3D 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/QQvU8PMaJYZxrPIsC3Sy92Nj5RMo1JhnJn34OyrU0MSLBc5ilf2p0rTLA6Uw5fc-7o3SgKWzocMWA-wsOVN5QQq36iq9C9GcyvIkY7BJv8TdZKJr87mIJw_Xu9aV_dvVHq5xRFn6VDamOPqSY9YaHN4Pv-WS3hxhUZheF3fQpMLhr6wlAHC5d2j_Z_C0_AovoKDy-MrI4cOFil8rO7rOFG7UASAsyUMeIEX86anBxx3GyEEPdec9gIE59nUiDH-ZNLaU6dH_CyXpNViFNeEEwKoQxEYXA0neXuCJ8NrSHbXlIBMUCef3eXrgHXMzH_uyXSIIy-pENSQzD5p9vY_GHw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bf28014f1ab4de1fa3aed507de5b74699a6f56edf69dcdff20e40fb834086836
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
15971
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-15971, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
hTaKpJTCnGGYVxsloBi1fZFxsXWdKhshzDjry_M2l2Aa9v3nXLwmHK1OsLPI7uOMB8R6ijS6gcOM5MA4pAxU2RHaww5wfdgXDH-RTGlAgeUe7yzCICJrDBdaFOnjzJHUfNYstQo_lMrQfIZaxndEyvv1UA7Rajjg8un5yqaSTxW7wskqZomaJhaKZ5-qnk_H23tG8...
cdn4.telesco.pe/file/ Frame EC3D 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/hTaKpJTCnGGYVxsloBi1fZFxsXWdKhshzDjry_M2l2Aa9v3nXLwmHK1OsLPI7uOMB8R6ijS6gcOM5MA4pAxU2RHaww5wfdgXDH-RTGlAgeUe7yzCICJrDBdaFOnjzJHUfNYstQo_lMrQfIZaxndEyvv1UA7Rajjg8un5yqaSTxW7wskqZomaJhaKZ5-qnk_H23tG81WNgkDiP6E-fxEjHbLo0Uf7PhGA1vbdqzrSwoJ-PQegg0orNvdHlU2P4igZ94s-8_crNLopR7GAqPhqyuvGBR2kZeWw0QafPW3ShjSQtVxZ8E5b66b5Z46gq6lqqseW3K_gtqX9NF-QeVrSqw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c4b37f1d3d115af57eb2f1c45ddd3b2034d256946545f2a5490878606c47adbe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
44746
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-44746, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
p5lAX7eck38CHYtKKc5uLq48_a7YuI5Laot02tNLDnX2I6jks0BDoKLTv_TPWS7pamoSUhhWi9jyeTDAcLVcnSbZYpI8aHxx9xAeaV75yfdWaqz6G62C4sbBgzgjRY4UuYEaRclwbAAmYIc1WYo6z4V6DxQ60rpLZefy8UKY7Mjt5bp8lJf2RKh-_qWpwQoKnxrRr...
cdn4.telesco.pe/file/ Frame EC3D 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/p5lAX7eck38CHYtKKc5uLq48_a7YuI5Laot02tNLDnX2I6jks0BDoKLTv_TPWS7pamoSUhhWi9jyeTDAcLVcnSbZYpI8aHxx9xAeaV75yfdWaqz6G62C4sbBgzgjRY4UuYEaRclwbAAmYIc1WYo6z4V6DxQ60rpLZefy8UKY7Mjt5bp8lJf2RKh-_qWpwQoKnxrRrdtXA-8fWaet3DcM8wz0evmdrCwqOUiEsJpBCsUAAdS1OCTgR6XDozG1pJh3T6MmP6bIqh_eWCXNaKqHPhWvXFGez2MeswdtI8W_I1KFhRUW1hQ883sv8yfsqn567uAoe897Kov1NEy72nlkWg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
64ad4ae3bb1addf515c321513b1ff54860984fbd21268fe480f09e339db35718
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
54213
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-54213, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
Tv4NtLXUVbM-nhgOuIRgtyaJ9MtZEUGNqeK-EetotBonPujoN471VEq4WCuRdi4TEKTWMv_rwdOAtGarWHUcWTAZ99l15kd6Dg5pTbqm7OrMIBazcSCyfatqFbVzxwbYD2rdQ1d-mMcq9I8DaQ2p3xX7JuJPzbTYxwwJpPgfNeGrVuReX07E_ON-Vt8W7aYorW58c...
cdn4.telesco.pe/file/ Frame EC3D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/Tv4NtLXUVbM-nhgOuIRgtyaJ9MtZEUGNqeK-EetotBonPujoN471VEq4WCuRdi4TEKTWMv_rwdOAtGarWHUcWTAZ99l15kd6Dg5pTbqm7OrMIBazcSCyfatqFbVzxwbYD2rdQ1d-mMcq9I8DaQ2p3xX7JuJPzbTYxwwJpPgfNeGrVuReX07E_ON-Vt8W7aYorW58cwKA3dfluYSSrukjvt7utNT1V2xlfLu7v74s2TJfK-FoFXJR2lpbHyKU74I3XJQmBlwQx3V5liHBxIRZBCY1S5d4-yD7LdWRbdQX9f8i2JPSOCSQabWWtwgAXdY4t0l0gbHo7Uqp-XSby46I3Q
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
856a60a1ff6e8bfd22a22e794ff065cef2cd11832014b480b3493f92bbe767cf
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
14053
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-14053, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
truncated
/ Frame EC3D 		496 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f48401d810df54d8c06bd7a85a69b65e5403bab8dcb8d7e919f3d31247e5460

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
K3DZMZAzWLXG0IVyjw_fMv-YiErYY_tdWJymJ1TIxnk3NzH1YKQ_dCysobNeOPoM2P77sG3mH-uSk_KgIvXlOwl0zP1BHeRvl1zcPv4Yjm0F6yRC1K_nxID_Pky_SdQmlHY3Wkxb0cu5Yc8AViswbyS6xjyqW6WvKbsDAtG9FweRSRFesC2APYtuOKQ2Q0z0WZ6qd...
cdn4.telesco.pe/file/ Frame EC3D 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/K3DZMZAzWLXG0IVyjw_fMv-YiErYY_tdWJymJ1TIxnk3NzH1YKQ_dCysobNeOPoM2P77sG3mH-uSk_KgIvXlOwl0zP1BHeRvl1zcPv4Yjm0F6yRC1K_nxID_Pky_SdQmlHY3Wkxb0cu5Yc8AViswbyS6xjyqW6WvKbsDAtG9FweRSRFesC2APYtuOKQ2Q0z0WZ6qdebqqbt-ikm5oErpotqjyKeAWRj1xqKzh2OV-Maw-GRnB3SZwQZW_xHJgri6S5L7aaQKBbGnb68yslskPrHSy7YSUowJdlNKK-TLR2LVrlq96MjVDUlFbq2zKVmI3vwOHQfEKKZQfG7DS1AkYQ
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f85efa80211cd1ab15dcd18887187eaeabc76669b456501c41da854e3621bbf3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
10197
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-10197, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
jmsHfQGZDbupvBbPjk0H6dApcH6Q3TejrAzhv9IpV5TYpC06r9C-kNgzGQBu5xIN-pntTW0sGwXNmT9EK_kePfFn2Vv3lvWziuC_S0SwDvpPyuKGWiX9YKcmZspRh59LHI5dG92olPg3-wz46qg3lZCqAE7g3Mqf7JaNMhM1bKIwVCy613vlfE89Yq_q8xTMNibCR...
cdn4.telesco.pe/file/ Frame EC3D 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/jmsHfQGZDbupvBbPjk0H6dApcH6Q3TejrAzhv9IpV5TYpC06r9C-kNgzGQBu5xIN-pntTW0sGwXNmT9EK_kePfFn2Vv3lvWziuC_S0SwDvpPyuKGWiX9YKcmZspRh59LHI5dG92olPg3-wz46qg3lZCqAE7g3Mqf7JaNMhM1bKIwVCy613vlfE89Yq_q8xTMNibCRM5ULz8wdGZaFB_GIMsJM7M5LExDCg6aSxmT2giD7NACtKbqEaVk9JW3Ij5G7Qx5FaKC7FDf58vsQr0SyHmZUlKRLWM-xwyNTPCv2RWFyZXncetFlXISD0BoqzmhumPE4XEI_fW8RD1l8D7GSQ
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
90a3d019cc1e15013ed9beddba8b60cdc235d3ff7a14003843e6dfe033cd44ae
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
9156
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-9156, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
VdXRtPtG3S4d8M_vQu8CXL8eNOTqL5kmyu1pdAK--qEV-2mi7GCU7w3SHUkcjMXBYYmTO_deh7DQCgF0_jtVM5Iuw6LQpxZes4RNo7gySHdupBLZ5dJbUg6uu2xn924jXhoqaDlRsmMUoYbTmhxu-1f3R53sLQOUL7EOmOvvsZWha931sJ6Fc09xXHqxHmhHK3Dpf...
cdn4.telesco.pe/file/ Frame EC3D 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/VdXRtPtG3S4d8M_vQu8CXL8eNOTqL5kmyu1pdAK--qEV-2mi7GCU7w3SHUkcjMXBYYmTO_deh7DQCgF0_jtVM5Iuw6LQpxZes4RNo7gySHdupBLZ5dJbUg6uu2xn924jXhoqaDlRsmMUoYbTmhxu-1f3R53sLQOUL7EOmOvvsZWha931sJ6Fc09xXHqxHmhHK3DpfXjupgZUVzyaEDZE14St7afvW-A_b91qEmoV5twOBJ_RXb5ly-NKJLFgMuh0kvExua3AE_O5WMnDIZD0lNXU6VeARb4w8N_lytmabs6mn52jm9cyHLWXdqnq11KwVTlFVkP21YLtgVL7Fs3NFQ
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6c93fa5f72512e106a5d3ebb02267e78c35f46e2def56ba782b68035832bce69
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
7840
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-7840, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
F09F98A1.png
tlgr.org/img/emoji/40/ Frame EC3D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlgr.org/img/emoji/40/F09F98A1.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
82e4606ac62675946dbd0cfe4aa7a30e5a56d3c3688514189bcd7d4871222310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
image/png
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Thu, 04 Nov 2021 17:16:27 GMT
d434KhDuLYBpowHpmTOP22kfAlcrQ6RSf8Uy1I3zC3sDbnXFP0PjFCf4rVJaWmdsMI2QKFRGny0bb2dJi0vqn8A_QPv7wDj7FUHWHl5HLY3--IwQVbiJs_CXs9RyPIeEZ7rLpcX6YmMzWEc081-apWgrr3tGnKJUkX1xg_btR6rA_mx94NNWDgpiC9sVGeEQUL0Tt...
cdn4.telesco.pe/file/ Frame EC3D 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/d434KhDuLYBpowHpmTOP22kfAlcrQ6RSf8Uy1I3zC3sDbnXFP0PjFCf4rVJaWmdsMI2QKFRGny0bb2dJi0vqn8A_QPv7wDj7FUHWHl5HLY3--IwQVbiJs_CXs9RyPIeEZ7rLpcX6YmMzWEc081-apWgrr3tGnKJUkX1xg_btR6rA_mx94NNWDgpiC9sVGeEQUL0TtodJRFqexntXOUGQnYqCUs_8Y3G1eaMG5N2TDSIlx95lFSV5MZ2GlBrTHidFqixX1jvkbaz06vcais0anofp9y5iq7TVHTfWwSr_S2zLePEVO46xDJkr-gn8Aqb387PAcwzM45v8Ra0theFtJQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
38e88c18b2417af068082949fed9fe1b2933be00bb111b626868e51cffa567a4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
66244
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-66244, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
uMTkawcqXBUA5tmCHMbtf42VynXJLQOm7JHOIxZyBC0KGPjqY8zgZADJAPFxefjkeyMG10F1O3xevRS0ARvkjoVyhFB1LzyIwlgYp2-qSODGsk-RynddHRhJh3Pip9suVUWwAmdez-a7iKDawE0doqx_temBvud2qUI6soF7_pD1lOcTHMgUpcfpQjvsH3CFBRdYd...
cdn4.telesco.pe/file/ Frame EC3D 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/uMTkawcqXBUA5tmCHMbtf42VynXJLQOm7JHOIxZyBC0KGPjqY8zgZADJAPFxefjkeyMG10F1O3xevRS0ARvkjoVyhFB1LzyIwlgYp2-qSODGsk-RynddHRhJh3Pip9suVUWwAmdez-a7iKDawE0doqx_temBvud2qUI6soF7_pD1lOcTHMgUpcfpQjvsH3CFBRdYdwI11iCZmC98_SWHtFjFRjV_SnFTiaFB_XwHxnTVB-3E4hgaFW-rBrEQVEEvu2q7j7Q2JKcuJnoUWoWMaxdqoi69KVQgdEHTYzOL2B2pIQro9zXDq9gen1nNnNCne38iBwDJaxfpHxcK8ZbmlA.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3ebeacc7e432084b5124e56d124b562b06368b78c039ebfdb36635b4399d6746
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
27996
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-27996, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
fM04nyB7j2CGxdSXKrSb6NQXkoauWHvdXPoZgGPn65lxSzHAqgwbi62jobANSYc31nI6mugYyJmNIuDBys8qJMhE89Oi7AfrWtJ34iSZNqoNxwBEwuP1feiKuLzMBZqOPd5KW20O3tmNxqbu-pwEibqCTwzyQ8YkqUk1FFQnmp4xER7mUxW3wLy5z8UnIfxcACnWd...
cdn4.telesco.pe/file/ Frame EC3D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/fM04nyB7j2CGxdSXKrSb6NQXkoauWHvdXPoZgGPn65lxSzHAqgwbi62jobANSYc31nI6mugYyJmNIuDBys8qJMhE89Oi7AfrWtJ34iSZNqoNxwBEwuP1feiKuLzMBZqOPd5KW20O3tmNxqbu-pwEibqCTwzyQ8YkqUk1FFQnmp4xER7mUxW3wLy5z8UnIfxcACnWdHXG9fcFMpEjNh5CsqCUBkScP2OzwR2SYPIyiy_u-GSQ83qoWK95RYdXT6IfHInwUB-EuFclrVhrwx0AsCCY4pqYRk9faeuEQGR3X2ZEBguHMjEUMTs1Xyf0yhZ5fo9Qylb2EXcZEq10_XcefQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b03a87f179ef9c572383188c376c2aba16eef1c429f91cffb5e670f77b55a995
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
30278
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-30278, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
tExVQ_Gzcqvxz3j0PsRPNZGc4Yt9d6jd-tQznycOpG6ofvDJeDGI5CmbIUC6bYjeT4ebwbedfkEBuGtthU1UGCLZfHJSTWKMnXtSPusfm-VGffEFoDhJVf62m_l3yx8UYTHB-q0J2A9MpuqcGG0eafuWJuXV5OB43GlRuSETDNltSiTYSxYuuX68Kd8A2JcTmz6Vw...
cdn4.telesco.pe/file/ Frame EC3D 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/tExVQ_Gzcqvxz3j0PsRPNZGc4Yt9d6jd-tQznycOpG6ofvDJeDGI5CmbIUC6bYjeT4ebwbedfkEBuGtthU1UGCLZfHJSTWKMnXtSPusfm-VGffEFoDhJVf62m_l3yx8UYTHB-q0J2A9MpuqcGG0eafuWJuXV5OB43GlRuSETDNltSiTYSxYuuX68Kd8A2JcTmz6VwP-f2GRmIpCsjTs7t7uKOZaEsXJzlSPuLKIXF22Cz4zsyFZ4RUqQ2OVfvidasOhuyjPY4w-ypQrZaOz7DJwBYPhPSYCc7ENqEvdPebGhBCOnPn-tqRWeDqWwf2rvCDiijCzDR3z9LQ79URrSlA.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
82ff4455c684dc06d7c2a3531129f7900085f0260c188d67215dc7b9b9d61b5d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
28278
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-28278, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
q0bZparN7E62WYrT4KkPzMEPDo2qZiilzIffyJULIH44zExYwY3h_XqQ_tKf2QZY0Oai21pNYnPCulD0OGhGEikVBtHgM47AsrnjYG2KTwH5GKSLcAVfV1JErwKWK23pX4TdvuQPTXrwISeLUnRhmTmKWA0SfH-wlmmfohdypGyG4oA5IX9hTqqvW-gRb-GCVbvs3...
cdn4.telesco.pe/file/ Frame EC3D 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/q0bZparN7E62WYrT4KkPzMEPDo2qZiilzIffyJULIH44zExYwY3h_XqQ_tKf2QZY0Oai21pNYnPCulD0OGhGEikVBtHgM47AsrnjYG2KTwH5GKSLcAVfV1JErwKWK23pX4TdvuQPTXrwISeLUnRhmTmKWA0SfH-wlmmfohdypGyG4oA5IX9hTqqvW-gRb-GCVbvs3eyGpC0w4cKo7aSI0xpmJiwJjxcvdktAbpY3C-3Iu8R1MmW2NsxXhQ39UTjQMr90AT31bd9pOCiMto1at3-l-oLc5gSpQZ-RtGkRX7F1pOaxThSroW7JyLmIJO6b2rKL6Wy61aYrrc9nWMFHAg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e9020c4c53ca9b85fff4e05ef42fbc1d0004cf8c2eb78fc98b0c8b7dc1d1bf79
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
65273
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-65273, bytes
Expires
Tue, 30 Nov 2021 17:16:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EC3D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--r1a.website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:31:41 GMT
x-content-type-options
nosniff
age
348286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 27 Oct 2022 16:31:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EC3D 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--r1a.website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 02:46:35 GMT
x-content-type-options
nosniff
age
224992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 29 Oct 2022 02:46:35 GMT
616f3101f2264t1634676993r4399.jpg
i.cdnkimg.com/auto/300/image/tesr/3048/48/ Frame 3CCF 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.cdnkimg.com/auto/300/image/tesr/3048/48/616f3101f2264t1634676993r4399.jpg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.36 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
553b5cd1a2a3f3768c835a1228c4c5680df0ba1d9fcf0981c5de2e37b56a78dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
server
nginx/1.18.0
x-cache-status
MISS
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 14 Nov 2021 17:16:27 GMT
cache-control
max-age=1209600
content-length
43450
x-proxy-cache
HIT
imp
lbs-us-east1.ads.betweendigital.com/ Frame 3CCF 		68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lbs-us-east1.ads.betweendigital.com/imp?id=5c527f4b-3d53-4f34-9107-3499d53d81a3&bidid=1038&impid=1&adid=TPL9_AD5123048&bannerId=4054021&randsalt=102667&impression=AAAAAGLy8zxhdgACaQAtAs1VzatkRxXvV_MYhuEx6hBIEBeN4CMBb_e9Vfej2_B4M5OJjkwmGeLILFSGqnur7mdV3a6P-wVKtm7cCv4H4s69_0FAdKFJyCYkCzGbAZPgIgSr-3VPyKfgysPtPlWnzjl16nfqnAJ3ojSCCQuJh7IIeSFDobcO_MRD4XrtJNkqwAgEf_vTR789efsff_nwd48ul7ydzcDroDCm1T9YLk1BjbI0o4yKjKpFKvmSKIrrUuSeoL32ONXYS6UVRo2ON1LhTHrQh75HG5qaUgpP0a6kPc085270mFPeDqXVWGTak8wjuGmk0c5eGMxLgY1T_qwPbrXxCPUymlJlSlbSbAlWXxcn-PY6WATr9SIIVosEgfeO7smpbBq8jBb-_NmHpchkr-cvP5gH_sJ_fu4Ecfj8fIjD5-Y327ahDym5W5plhJIFiufP3r3z4N5L3583ZU3nP6JpLZ-bv1Aoyely7RwuwhitFlE4_wlmWJV7K3A1RChMDuwkDuIArcG10I9CHwbgjWPwwSUwA98EwP3PwOmXHMSJrzsEH-kCK7pVuvrjm7cCuGczR2D7e2p_oEeBD67GPgoQOL79IvjuDxUWNbPKzDGf38OlAMd3XgRX4ML3wXFGwbW9HQABuPqK218d2JXARyvnOXz1wS2nNF_O7-LMOekpmd9XlJeWg-tVX-pGpnV5EQj4zoP7L60f3bwdBRD54eoL85MwSuJVCC6_cP8eeCpzmRaL7UUCl1_96S13EPDzQ05xpheEmp46JMq8NLjZpRVnlZbi3Jy1ipIyc1ueCKk4btzo9b8D8Na7_7y0i2TmMD0CRzt0dvPdd3KRM3C8jnby3epe_68nh73toitLd892OwqrmuVqnSyFgBQKVJAqwTFRllchrqe6aZlhYayjLBqGMIZ927Eew5GwTuKUm6EtcZ5DbXhIh77fpLxCXdHZ1PmTxIZOg0HDmTVT2ZGpk7Cecoi1lhExmW0SohhTrEhhPkI15GREltUuZTCuGm1JMsk8RJVWrCI8hxlpoJmmvtactHku00rQiXEDW0o5pk2tC-IA57ofIihT20xIVYb1TamGkZoY4Y0ubALVNESqpV3kQOEdE3WHWJ1xmxR1VEAYbzamqzsqs4oVgsk-QpzQse54XKCcFbkeZBb12Ma4tnmCdTGkMKPhRkx1rsqJWdjDhqNabKoad5m7TRqKRrBedPlIu7RWbW5YLkdUqFHEpm44K8mGKwsnxHOeOhueNmMGdTvCClIz9RYRkWFdRTTup7FykNJOt1W4UVnNS9QSE7Npk44t7cd605KaMZ31lo7txvCJi9JFohUiDIk8V309TlETFp2oIqxRNJDaykRveCkzPsGwHUKTdnKoiG1xPMmkjKzqK9UgZB1yw1TVE5URGlPStQUsu3SsRQb7sGP5Fn8SRz3LBY5zkzXabUkqOvWIWTaGY6emiPWR0syOxCSbJO3CMm4HPAy2RhL1UI-krJo87qaM1vv7Azc2RefBWXDqSgv_7BdnQYyixPejVew6fxDH8TpOIoQS6J92bjlMEojiFYSnqVVnrgRPXU2dwQUKgiTy0amRru4-nSerJIwTV8izr6Dbf3j_l08_JucH_szb_3rzW-3D_zo_2N_43r8fd78CN77K__9Gj89n-zo_cNcXnpATvXZ-WDna9wTw8e_fueEGv3FN6Qg86RNOYavxf_C0fLI9wecC2Yb3ydG2k34BAnDRAr-ErvRYB1vLDy4d0Dq6hnx_gJF_-Y9Xjl779bS3_fM3tt8FXT_4PXHPUOK5Zrp9zHaS7VN2gHfbcvfvyBPsZzcutD7F9D8=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
sspmatch-js
ads.betweendigital.com/ Frame 3CCF 		882 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-js?randsalt=102667&p=43347&consent=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9e82ea633f25bdd3a5f4d9a076d0f03f5d6fb67419a14178a0222f8b6b642424

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
882
content-type
text/javascript
observerHB.js
cache.betweendigital.com/ Frame 3CCF 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/observerHB.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
f1c5564219bf188b434ac5e705dd1a2500ddd6aa9703da677ab51a7feb25fd5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:27 GMT
cache-control
public, max-age=900, immutable
last-modified
Thu, 07 Oct 2021 15:03:21 GMT
server
nginx
content-encoding
gzip
etag
W/"615f0c39-df26"
content-type
application/javascript
score.min.js
js.ad-score.com/ Frame 3CCF 		309 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000787
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:ce00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
545b608766998096c6ae7b0954d6b7a13a1df1d95d9542bd07a2a01896c9f2fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sat, 30 Oct 2021 18:07:56 GMT
Content-Encoding
gzip
Age
83311
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Sat, 30 Oct 2021 18:07:56 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA60-P2
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
g4yVK5R3CoZnbwLi16JPOC2MHpZvi1Fp20Tz1QXhQnwte6LndA6mPg==
Expires
Sun, 31 Oct 2021 18:07:56 GMT
02d0322124.mp4
cdn4.telesco.pe/file/ Frame EC3D 		47 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telesco.pe/file/02d0322124.mp4?token=O5sqM_qUyoyz_K1vIBDj6WZjPm5l01y_Uom85zWQH2Lh55uFqHRyAnpyhNDaXT7lcjdwI_db5zcgdQOKJDGjfVaKa3TBrxA27H7656xsfnq4d5r7BXdfMg5L-dr9avjt1hhBg1gEkx0XuXuM7Nm7IcwozgItdvxXHyT3-J8XuLFacNhZthVen0wxXF5BCLE3h9WOsVBkhVN9Jl-sm_psf49JJfduE8vnY7DjOErV-eKvHIb1gRVMMnJLxxb1F1pIR1FQXkY_z3M-FLAzeEXcgZkYK7Xh2oyzm5I0LDsRCNp-YSe8-xfAOuvd8U-9Ra1krMdkeF24yOKBHScxSwUL5Q
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--r1a.website/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Range
bytes 0-2822902/2822903
Connection
keep-alive
Content-Length
2822903
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
X-Frame-Options
DENY
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'; sandbox
Accept-Ranges
0-2822903
Expires
Tue, 30 Nov 2021 17:16:27 GMT
e9d308b2f1.mp4
cdn4.telesco.pe/file/ Frame EC3D 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telesco.pe/file/e9d308b2f1.mp4?token=u4iwwcwHrs1QmPdwiKvEBEkuyjnLq1vt0JQ9u-2Ca15k365-eZDfdC2Ljg-iHBNihUlcsxCIYD-LY3EfZrYwwjwvi3URMD6Oqx7goN8wWVKkslIWKvEYboPmoMcfGT6TPIZVPXM582WMGXoT2sqM8_iTDgyDVlOnI42VmJ1hkC1Wq2rImFdh16AFm5ov71tePi0KGJfIoiyt-jJM6X4BtAZBPXJDf1C5Cd3XL5T6F076HtowcpIhWrbPpyE25xTUor7yowdYzaNmHufgFT0GIkoTdJ9Kl17H973TCxQHyKnk-0emqx1f3GIkllXMGC92NbS94_fmzr_4Sl-VbZSl7A
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--r1a.website/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Range
bytes 0-8643893/8643894
Connection
keep-alive
Content-Length
8643894
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
X-Frame-Options
DENY
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'; sandbox
Accept-Ranges
0-8643894
Expires
Tue, 30 Nov 2021 17:16:27 GMT
60af655478.mp4
cdn4.telesco.pe/file/ Frame EC3D 		111 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telesco.pe/file/60af655478.mp4?token=Y2w-O2XqO8So6ZcJngW-M4gE9XDkwrAf0j8PsntQTxXBxgVdvBSbm8PaiD9W0KdkKottbDx_q_AhhOC_LnOY8YdE_FPkWkNiMepx4_IAdzpT0NtofSOZcAfaAIWBkKrUXNqE9ZojK0-RgT-Az6XMk5EFk0FS0eefaqQ13AchKOK5XuJFOrPzH_9rObyt76_sQEvKxHpwgkDFxJg37nvLO0s5piQ2KkTeM012kBz0780Tpx-wUar_afDkgYX_c0EkTZv88jvX9Ivwq9cIYDPVqfk7dZFYg58moyLn08qGqa1bsHS0Z2XroevyEIzZoA2_AGhND1M0J0zOY6eWNEPajg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--r1a.website/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Range
bytes 0-5935492/5935493
Connection
keep-alive
Content-Length
5935493
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
X-Frame-Options
DENY
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'; sandbox
Accept-Ranges
0-5935493
Expires
Tue, 30 Nov 2021 17:16:27 GMT
status
www.facebook.com/x/oauth/ Frame E1E9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fthetruedefender.com&client_id=136494494209&input_token&origin=1&redirect_uri=https%3A%2F%2Fde.scribd.com%2Fembeds%2F535977673%2Fcontent&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b4dbd6d606fe263617ff63ce1aaca5c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://de.scribd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net facebook.com fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self' facebook.com fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com fbcdn.net fbsbx.com cdninstagram.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com facebook.com fbcdn.net fbsbx.com cdninstagram.com *.cdninstagram.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: facebook.com fbcdn.net fbsbx.com cdninstagram.com;frame-src *.facebook.com *.fbsbx.com data: *.fbcdn.net facebook.com fbcdn.net fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src blob: *.facebook.com data: facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
AdmCv6i+s3PTyrxKV5V/Y8rr1AN+Z3uoLcGIcXLQMlnO0r7tb5rkXuCHkorlN/ag+9Zg67i2cXzYOeyKU4A0HQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Sun, 31 Oct 2021 17:16:27 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://de.scribd.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
lounge.0646e37a1d5797cdbecb18f0498b116a.css
c.disquscdn.com/next/embed/styles/ Frame A3A9 		163 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2592b4e46e8af0af3a6d226a426ab1eeff99edd04bc7d064317f0c01717df7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341147
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
25963
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 27 Oct 2021 17:58:29 GMT
server
nginx
etag
"61799345-656b"
content-type
text/css; charset=utf-8
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
expires
Thu, 27 Oct 2022 18:30:40 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
timing-allow-origin
*
x-amz-cf-id
tE8ETZqE0o0Ci9m4GKkds2EzTZ29zea7clzoLj0aLXob2aKGDuSCIw==
x-cache-hits
0
dc.js
stats.g.doubleclick.net/ Frame 107D 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
4173
date
Sun, 31 Oct 2021 16:06:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sun, 31 Oct 2021 18:06:54 GMT
lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js
c.disquscdn.com/next/embed/ Frame A3A9 		468 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e856293f0bfd6bee2a808701afc266d9b70995c66fed88a78583a304c1a67a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341147
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
120652
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 27 Oct 2021 17:58:28 GMT
server
nginx
etag
"61799344-1d74c"
content-type
application/javascript; charset=utf-8
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
expires
Thu, 27 Oct 2022 18:30:40 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
timing-allow-origin
*
x-amz-cf-id
X-Hh2RQtSLoUm5OJqvleJ4YJr8p0TPIQUG8rcEKipgBNg-FPl3Edvg==
x-cache-hits
0
config.js
disqus.com/next/ Frame A3A9 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf7cf40cac4303c84fe1f2023fd8905b9b6e91fc6d37d1b50d12acd3e418ad5d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
5
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
13582
X-XSS-Protection
1; mode=block
dc.js
stats.g.doubleclick.net/ Frame 2863 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
4173
date
Sun, 31 Oct 2021 16:06:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sun, 31 Oct 2021 18:06:54 GMT
dc.js
stats.g.doubleclick.net/ Frame 46D0 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
4173
date
Sun, 31 Oct 2021 16:06:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sun, 31 Oct 2021 18:06:54 GMT
e9d308b2f1.mp4
cdn4.telesco.pe/file/ Frame EC3D 		249 KB
250 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telesco.pe/file/e9d308b2f1.mp4?token=u4iwwcwHrs1QmPdwiKvEBEkuyjnLq1vt0JQ9u-2Ca15k365-eZDfdC2Ljg-iHBNihUlcsxCIYD-LY3EfZrYwwjwvi3URMD6Oqx7goN8wWVKkslIWKvEYboPmoMcfGT6TPIZVPXM582WMGXoT2sqM8_iTDgyDVlOnI42VmJ1hkC1Wq2rImFdh16AFm5ov71tePi0KGJfIoiyt-jJM6X4BtAZBPXJDf1C5Cd3XL5T6F076HtowcpIhWrbPpyE25xTUor7yowdYzaNmHufgFT0GIkoTdJ9Kl17H973TCxQHyKnk-0emqx1f3GIkllXMGC92NbS94_fmzr_4Sl-VbZSl7A
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3d1480c2cec9d0db461f8d47c04578870d8dfb499156f44df17d5ece6a9bb771
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--r1a.website/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=8388608-

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Range
bytes 8388608-8643893/8643894
Connection
keep-alive
Content-Length
255286
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
X-Frame-Options
DENY
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'; sandbox
Accept-Ranges
0-8643894
Expires
Tue, 30 Nov 2021 17:16:27 GMT
bidder_18.html
cache.betweendigital.com/code/ Frame 605F 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4d6f224f-4400-5330-9268-7736f316b85d&CACHEBUSTER=285296
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?randsalt=102667&p=43347&consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
nginx
date
Sun, 31 Oct 2021 17:16:27 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
match
ads.betweendigital.com/ Frame 3CCF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=0c50b2c8-bfb8-4394-b4a6-ef0c8cce0388&user_group=1&ssp=between&bsw_param=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
Date
Sun, 31 Oct 2021 17:16:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/ Frame 3CCF
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6CIhlQkKavG.AikABlF811o8Iw
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6CIhlQkKavG.AikABlF811o8Iw
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:28 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f10-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6CIhlQkKavG.AikABlF811o8Iw
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame 3CCF
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=4d6f224f-4400-5330-9268-7736f316b85d
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjrnvuLBlIFvp7KygpiJDRkNmYyMjRmLTQ0MDAtNTMzMC05MjY4LTc3MzZmMzE2Yjg1ZA**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjrnvuLBlIFvp7KygpiJDRkNmYyMjRmLTQ0MDAtNTMzMC05MjY4LTc3MzZmMzE2Yjg1ZKIBEEhRSB46bhHspukAJZDIJDc*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABjrnvuLBmIkNGQ2ZjIyNGYtNDQwMC01MzMwLTkyNjgtNzczNmYzMTZiODVkogEQSFFIHjpuEeym6QAlkMgkNw**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARjrnvuLBmIkNGQ2ZjIyNGYtNDQwMC01MzMwLTkyNjgtNzczNmYzMTZiODVkogEQSFFIHjpuEeym6QAlkMgkNw**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=4851481e-3a6e-11ec-a6e9-002590c82437
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=4851481e-3a6e-11ec-a6e9-002590c82437
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 31 Oct 2021 17:16:28 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=4851481e-3a6e-11ec-a6e9-002590c82437
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
match
ads.betweendigital.com/ Frame 3CCF
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=f33dc8278e5dc37df697c81e
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=f33dc8278e5dc37df697c81e
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=f33dc8278e5dc37df697c81e
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
60af655478.mp4
cdn4.telesco.pe/file/ Frame EC3D 		68 KB
69 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telesco.pe/file/60af655478.mp4?token=Y2w-O2XqO8So6ZcJngW-M4gE9XDkwrAf0j8PsntQTxXBxgVdvBSbm8PaiD9W0KdkKottbDx_q_AhhOC_LnOY8YdE_FPkWkNiMepx4_IAdzpT0NtofSOZcAfaAIWBkKrUXNqE9ZojK0-RgT-Az6XMk5EFk0FS0eefaqQ13AchKOK5XuJFOrPzH_9rObyt76_sQEvKxHpwgkDFxJg37nvLO0s5piQ2KkTeM012kBz0780Tpx-wUar_afDkgYX_c0EkTZv88jvX9Ivwq9cIYDPVqfk7dZFYg58moyLn08qGqa1bsHS0Z2XroevyEIzZoA2_AGhND1M0J0zOY6eWNEPajg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2349ed37ef59d58fb45f4e4997bf39b1ddfebc076de09c92625548bd525c9ed3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--r1a.website/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=5865472-

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Range
bytes 5865472-5935492/5935493
Connection
keep-alive
Content-Length
70021
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
X-Frame-Options
DENY
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'; sandbox
Accept-Ranges
0-5935493
Expires
Tue, 30 Nov 2021 17:16:27 GMT
02d0322124.mp4
cdn4.telesco.pe/file/ Frame EC3D 		69 KB
69 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telesco.pe/file/02d0322124.mp4?token=O5sqM_qUyoyz_K1vIBDj6WZjPm5l01y_Uom85zWQH2Lh55uFqHRyAnpyhNDaXT7lcjdwI_db5zcgdQOKJDGjfVaKa3TBrxA27H7656xsfnq4d5r7BXdfMg5L-dr9avjt1hhBg1gEkx0XuXuM7Nm7IcwozgItdvxXHyT3-J8XuLFacNhZthVen0wxXF5BCLE3h9WOsVBkhVN9Jl-sm_psf49JJfduE8vnY7DjOErV-eKvHIb1gRVMMnJLxxb1F1pIR1FQXkY_z3M-FLAzeEXcgZkYK7Xh2oyzm5I0LDsRCNp-YSe8-xfAOuvd8U-9Ra1krMdkeF24yOKBHScxSwUL5Q
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
58e72f07fdab7cafa4c5a22801bf0151fc7f8f6023e7ce8846cce5a4f66407cd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--r1a.website/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=2752512-

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Range
bytes 2752512-2822902/2822903
Connection
keep-alive
Content-Length
70391
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
X-Frame-Options
DENY
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'; sandbox
Accept-Ranges
0-2822903
Expires
Tue, 30 Nov 2021 17:16:27 GMT
usync.html
eus.rubiconproject.com/ Frame A4AF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Oct 2021 17:16:27 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date
Sun, 31 Oct 2021 17:16:27 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame E4DF 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Oct 2021 08:07:40 GMT
Server
AkamaiNetStorage
ETag
"0d7189fa1121540662ae60c7b7896c2f:1634717897.994352"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10406
details
disqus.com/api/3.0/forums/ Frame A3A9 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=thetruedefender-com&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2414cfaa22a8bfa4294324bc0e1e9e9fb193a6f310149502eebf0151c81d1c5c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3392
X-XSS-Protection
1; mode=block
02d0322124.mp4
cdn4.telesco.pe/file/ Frame EC3D 		128 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telesco.pe/file/02d0322124.mp4?token=O5sqM_qUyoyz_K1vIBDj6WZjPm5l01y_Uom85zWQH2Lh55uFqHRyAnpyhNDaXT7lcjdwI_db5zcgdQOKJDGjfVaKa3TBrxA27H7656xsfnq4d5r7BXdfMg5L-dr9avjt1hhBg1gEkx0XuXuM7Nm7IcwozgItdvxXHyT3-J8XuLFacNhZthVen0wxXF5BCLE3h9WOsVBkhVN9Jl-sm_psf49JJfduE8vnY7DjOErV-eKvHIb1gRVMMnJLxxb1F1pIR1FQXkY_z3M-FLAzeEXcgZkYK7Xh2oyzm5I0LDsRCNp-YSe8-xfAOuvd8U-9Ra1krMdkeF24yOKBHScxSwUL5Q
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--r1a.website/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=32768-

Response headers

Date
Sun, 31 Oct 2021 17:16:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Range
bytes 32768-2822902/2822903
Connection
keep-alive
Content-Length
2790135
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:27 GMT
Server
nginx/1.18.0
X-Frame-Options
DENY
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'; sandbox
Accept-Ranges
0-2822903
Expires
Tue, 30 Nov 2021 17:16:27 GMT
/
xn--r1a.website/v/ Frame EC3D 		4 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xn--r1a.website/v/
Requested by
Host: tlgr.org
URL: https://tlgr.org/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Accept
*/*
Referer
https://xn--r1a.website/s/TheTrueDefender
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:27 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=35768000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-control
no-store
Transfer-Encoding
chunked
Connection
keep-alive
fltiukqt.js
pixel.yabidos.com/ Frame 3CCF
Redirect Chain
  • https://pixel.yabidos.com/fltiu.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=thetruedefender.com&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
  • https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=thetruedefender.com&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=thetruedefender.com&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70e3c0db90a8461e326b4ef6759e9250f3acb722bfb2db60302d284ca13a7f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 20 Oct 2021 21:57:07 GMT
server
cloudflare
age
3366
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6a6e88032d675c2c-FRA
content-length
1601
expires
Sun, 31 Oct 2021 19:16:28 GMT

Redirect headers

date
Sun, 31 Oct 2021 17:16:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://pixel.yabidos.com/fltiukqt.js?qid=53532313f523632313f5436393&cid=964&p=BX&s=thetruedefender.com&x=&nci=&adtg=HB&nai=&si=&pn=&h=&w=&bp=&pp=&ci=&ip=&ai=&di=&mm=&os=&ua=&lat=&lon=
cache-control
max-age=3600
cf-ray
6a6e8800bdf25c2c-FRA
expires
Sun, 31 Oct 2021 18:16:27 GMT
71690777
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/ Frame 3CCF
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/71690777
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/71690777
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/71690777
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.14/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:28 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.14/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:27 GMT
server
ms-counter-3.2.14/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-test/71690777
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
61361106
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 3CCF
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/61361106
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/61361106
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/61361106
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.14/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:28 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.14/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:27 GMT
server
ms-counter-3.2.14/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/61361106
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
js
ads.betweendigital.com/ Frame 3CCF 		68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/js?en=anNfcnVu&context=AAAAAF8tgsFhdgACdwAtAs1TzWsTQRTPvoYSQqhSCoJ4WDxIC85mJrO7yVokbdpqpY2WGulFKLPZSTPNfoTdjWkLQq9evAr-B-LNu_9BQbyoeBBED6KXHqonKc7mo1Wrvepjdt_M2997-97vzYNFo24Uig3dRtQxKNIbVEcWwUVEdcuSFqdEGAXy6vm3R7l3n15-fbyeuSd4N5WCPWjGcTu6ks_HTR6HHe7wBvcdHmr1wMvbIWct4W8gn3cj5PGIoXrQ8eNwW2o3CJkToAIuYMRdXo9F4KOQJ4G5g2S4bdSQ4GQbdCLmOxEKGshmrhvEkfT3Y-YJn8US_GsMrxPFyObI4XUexqIhuJOH0ml5wnmLaMSyNEJKWpHCR6Ua7AjXZXlDw-rkmvCdoBupN2sqwRqeVqXB1KfVLVOfUmfbbZevcXtJxHmDFjVqqpNLi7Xq8mXVFS2uXuf1VjClzjXDwON5SwbUdJOWNENXb7MGC8XAC7I6pXpxqHImMQm1YEzHho4LBN6k4WAEUnAWQL5TcOkPhUjzuGRwPWqykCeg7I3ZCikMVEoKJM_EoKB1giFrYkoopOcX4OK1kPmtRieMVeapVSZ8SC8uQKagYQxph8PYwA-AQPaW_H84VBmCaUlG1ldrFQlS8-oSc2SQLrfVlZB7ouPB-GZXRG5Qb4l-InChtrJsrc_OG6RAsV46cc7pRtEs6TA6t1KFCUd22teSi5QUAXeH_WROpNk87nLJgtgQMXN7LWXOZhT45fhqO-S2cOTvcn4QesyVu73XAG8_fB7pZZGSfCqg9JjpnXsr1-8XpC2jZ-997dP3N5l_-uX-uX27fArkH8h--eekf89fnnfLQ7MyqBO-P3k_IzcPK5BS4Kh2CUgQ_8GoHCqpE4kk6R0qo6t3KicogH5b_yLKwciQKWWMYrxVMPDos4yy-2Bn4PfiTLL6Mj6MmZMjVUTyciSD2bMkY6kc8zqciWPSZ_qoIz5_AA==&tld=dGhldHJ1ZWRlZmVuZGVyLmNvbQ==
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
cors
data.ad-score.com/data/ Frame 3CCF 		50 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=EETPJRqfhlZizPuNtOKbmFsYifHrnuLa-FE7fPshldVrrKD4R03nPEEjF-E0zCOctmbFDlMA==&pm_ct=6fa0a3c56853244dba77fb7c&pm_pl=1635700587616&pm_td=6&pid=1000787&en=1.1&callback=__pm_glbl_DPDPMBY5aqTgnQIc7pieFQIq._gc1&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
c13f4343057b1604680dbed0d79ec51562e07af6bc7ab2c4945acaed38806baf

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:28 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
50
x.html
js.ad-score.com/ Frame 9E15 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/x.html?pid=1000787
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:ce00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
995336a0cc4fea8844aa379cc2df08a6c4b0604f0e3e72d9296f4edcae4259b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Content-Encoding
gzip
Last-Modified
Sat, 30 Oct 2021 12:45:22 GMT
Date
Sat, 30 Oct 2021 18:07:56 GMT
X-Cache
Hit from cloudfront
Via
1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
X-Amz-Cf-Id
MvUPsIa04t2SjroVe64VzWp6aW67suB8xeW4lmoDj3T1zdE5bR6oTQ==
Age
83311
truncated
/ Frame 0DC8 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3CCF 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
event.js
referrer.disqus.com/juggler/ Frame A3A9 		40 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://referrer.disqus.com/juggler/event.js?experiment=default&variant=control&page_referrer=https%3A%2F%2Fthetruedefender.com%2F&product=embed&thread=8853441186&thread_id=8853441186&forum=thetruedefender-com&forum_id=7253923&zone=thread&verb=load&object_type=section&object_id=email_subscriptions&section=email_subscriptions&extra_data=%7B%22user_verified%22%3Afalse%2C%22email_subscription_prompt%22%3A%7B%22title%22%3A%22Like+this+article%3F%22%2C%22description_copy%22%3A%22Subscribe+to+thetruedefender.com+to+receive+daily+updates+of+the+latest+articles+delivered+straight+to+your+inbox.%22%2C%22confirmation_copy%22%3A%22Thanks+for+subscribing+to+email+updates+from+thetruedefender.com!+If+you%27d+like+to+unsubscribe%2C+there+will+be+a+link+in+emails+you+receive+from+thetruedefender.com.%22%7D%7D&event=activity&imp=58en9ua1cupa86&area=n%2Fa
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:28 GMT
X-Content-Type-Options
nosniff
Server
nginx
Connection
keep-alive
X-XSS-Protection
1; mode=block
transfer-encoding
chunked
Content-Type
application/javascript
noavatar92.png
a.disquscdn.com/1635434082/images/ Frame A3A9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1635434082/images/noavatar92.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:28 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
249978
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
content-length
1644
x-amz-cf-id
XnQ4fHsqslmdpfe0AthWY6em3uVASCbEoK3aSIMJE-zmNn4VHWjq4w==
expires
Sat, 27 Nov 2021 19:50:10 GMT
truncated
/ Frame A3A9 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
de142f0a-e7f6-488f-b323-c2592dded475
https://thetruedefender.com/ Frame 3CCF 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://thetruedefender.com/de142f0a-e7f6-488f-b323-c2592dded475
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/ Frame 3CCF 		1 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=EETPJRqfhlZizPuNtOKbmFsYifHrnuLa-FE7fPshldVrrKD4R03nPEEjF-E0zCOctmbFDlMA==&pm_ct=6fa0a3c56853244dba77fb7c&pm_pl=1635700587616&pm_td=433&pid=1000787&en=1.1&callback=__pm_glbl_DPDPMBY5aqTgnQIc7pieFQIq._gc2&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Sun, 31 Oct 2021 17:16:28 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ Frame 3CCF 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
publishertag.prebid.113.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:28 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 01 Nov 2021 17:16:28 GMT
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame A3A9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 14:37:41 GMT
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
16079927
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 14:37:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
JZoR0wUzQxyH_Vxwsz-3rRpTfUaoP9bNygxo_ovhCn8RGiZBmEnJGA==
x-cache-hits
0
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame A3A9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 04:58:07 GMT
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
23372301
x-cache
Hit from cloudfront
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 27 Jan 2021 17:23:07 GMT
server
nginx
etag
"6011a17b-b9b"
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 03 Feb 2022 04:58:07 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
XUcVpG2QUzjqo29XdFULj2MhVck9lvwARRLGHx2gJxL1oWloqNne5w==
x-cache-hits
0
sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame A3A9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:47:48 GMT
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3360520
x-cache
Hit from cloudfront
content-length
1763
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 22 Sep 2021 19:30:27 GMT
server
nginx
etag
"614b8453-6e3"
content-type
image/png
access-control-allow-origin
*
expires
Thu, 22 Sep 2022 19:47:48 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
3Z6rof4yKfH0-YnF4SCb9-vYXobYVwOllJjmkDuKZbUJibS1AUBgmw==
x-cache-hits
0
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame A3A9 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 19:36:59 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9581969
x-cache
Hit from cloudfront
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 08 Jul 2021 22:07:43 GMT
server
nginx
etag
"60e7772f-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
expires
Tue, 12 Jul 2022 19:36:59 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
gAf0EMYxL8JNAbgcEFQWtgujNMYxEaOHB9Froz659gVzo9oP1t4Fpw==
x-cache-hits
0
st.min.html
apps.sascdn.com/rtb/transparency/handler/ Frame C1A7 		531 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22460881734149018315%22%2c%22adomain%22%3a%22videoslots.com%22%2c%22page%22%3a%221366485%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%2244760290%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%222502%22%2c%22cid%22%3a%221675546%22%2c%22adid%22%3a%2244760290%22%2c%22hash%22%3a%22915631889033589873%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Last-Modified
Thu, 18 Feb 2021 14:12:04 GMT
Server
AkamaiNetStorage
Content-Length
531
Date
Sun, 31 Oct 2021 17:16:28 GMT
Connection
keep-alive
/
track.adform.net/adfscript/ Frame F4C4 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=44760290;rtbwp=05OadWY7OG16CTmI1CBxS4KAho2d0JhcnMXRfg;rtbdata=Kjn_Dmzoips0_mwX9F7jWf9rJSN-Pjk4sPiOcvtqZVDXj-fEYzgmm_3EdzY6iRaxKGIsPpfsgVtABzAewheSpaQxuFGxZylsvmTE0o7CowCFIQIbZK0Q-rZawB6gw7oVOY1r1Qs5JMADhZoZs_0HUQOCjXJ4pkxAJEv0DZKJVqrhf-E7Svz7ULNA_8xAwVYKHIjw9p8qfGowKvLjvM_hhvl0IVPlGatpg8id5EPEn4Toc0RYJZwOkfWeUiXw_IdwV4cNgfjq2cmrZnv5W_Evql6TJEUvcBlScM-vyPUvk-qvs-xl4YTkom-3qCV-0BPU3o9HQ5S6PkaTGJWq5R7Vfec1WZEscE_SejuXK1CiyBvZSFDRdLfbVG0n9ACSdag9J66wd7eqnNJXhND6bicRKxUCzFW9muloOycMMnD-fYXiEZLnu-L3zIUuRASEZw1nuBYaO0OyCybE4_sQZGQgqA2
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
929c52d2638faf880134aa864029253d4d804e8a236ece998375f05e9a2f8bfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1076
expires
-1
aip
itx4.smartadserver.com/h/ Frame F4C4 		43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itx4.smartadserver.com/h/aip?uii=460881734149025033&tmstp=3749345472&ckid=4317186085487062099&pubid=1&systgt=%24qc%3d1313506140%3b%24ql%3dUnknown%3b%24qpc%3d76726%3b%24qt%3d25_1767_24818t%3b%24dma%3d0%3b%24b%3d16950%3b%24o%3d11100%3b%24wpc%3d8%3b%24wpc%3d163%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d1263&acd=1635700587172&envtype=0&opid=91dab222-5654-4776-8665-fcba1f205ee4&opdt=1635700587171&siteid=402008&tgt=%24dt%3d1t%3b%24hc&gdpr=0&visit=S&statid=3&imptype=0&pgDomain=https%3a%2f%2fthetruedefender.com%2fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2f&cappid=4317186085487062099&capp=1&mcrdbt=1&insid=10104881&imgid=0&pgid=1366485&fmtid=89189&isLazy=0&rtb=1&rtbnid=2079&rtbbid=460881734149018315&rtbh=c1800d15a402b296e306a2553653de87744a692d&rtblt=637712973871773308&rtbet=0&rtbptnid=22&cftgid=aafb3c66a3c9
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:28 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15472258
x-cache
Hit from cloudfront
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-67d2"
content-type
application/javascript; charset=utf-8
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
expires
Thu, 05 May 2022 15:25:30 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
timing-allow-origin
*
x-amz-cf-id
icQzB2VomtduuYJKeQp20P-QWC68wGsXIyR_cxEoDE18D2D_84rLcw==
x-cache-hits
0
usync.js
eus.rubiconproject.com/ Frame A4AF 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3a97df53baadc7f20a3ccd6bb9c6b5fab12ce7efaab6ca0987be6c62489b2dc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Oct 2021 15:57:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66411
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9399
Expires
Mon, 01 Nov 2021 11:43:19 GMT
cors
data.ad-score.com/data/ Frame 3CCF 		1 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=EETPJRqfhlZizPuNtOKbmFsYifHrnuLa-FE7fPshldVrrKD4R03nPEEjF-E0zCOctmbFDlMA==&pm_ct=6fa0a3c56853244dba77fb7c&pm_pl=1635700587616&pm_td=543&pid=1000787&en=1.1&callback=__pm_glbl_DPDPMBY5aqTgnQIc7pieFQIq._gc3&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Sun, 31 Oct 2021 17:16:28 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
event.gif
referrer.disqus.com/juggler/ Frame A3A9 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=654&event=init_embed&thread=8853441186&forum=thetruedefender-com&forum_id=7253923&imp=58en9ua1cupa86&thread_slug=breaking_news_mesa_country_colorado_2020_election_reviewed_they_found_thousands_of_ballots_contamina&user_type=anon&referrer=https%3A%2F%2Fthetruedefender.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34320%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34320&t_u=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F&t_e=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_d=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&t_t=BREAKING%20NEWS%3A%20Mesa%20Country%2C%20Colorado%202020%20Election%20Reviewed!%20They%20Found%20Thousands%20Of%20Ballots%20Contaminated!%202020%20Election%20Must%20Be%20Decertified!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
events
wa.scribd.com/api/v1/ Frame E1E9 		40 B
98 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.20.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97d5aa458ae622677dbd0e091aca9796aba8b99ce226aa081b8f518390e23c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://de.scribd.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 31 Oct 2021 17:16:28 GMT
via
1.1 varnish
x-served-by
cache-fra19142-FRA
vary
Origin
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://de.scribd.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
40
x-cache-hits
0
events
wa.scribd.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://wa.scribd.com/api/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.152 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://de.scribd.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://de.scribd.com
accept-ranges
bytes
date
Sun, 31 Oct 2021 17:16:28 GMT
via
1.1 varnish
x-served-by
cache-fra19157-FRA
x-cache
MISS
x-cache-hits
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security
max-age=31536000
content-length
0
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 16E5 		337 B
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 05 May 2021 03:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15516174
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-f4"
content-type
text/css; charset=utf-8
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
expires
Thu, 05 May 2022 03:13:34 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
timing-allow-origin
*
x-amz-cf-id
OWw3VaQUHIYBADdmVjcLHVIKIv1fukXvtlelnDR3iu7iA2mmZYNbJw==
x-cache-hits
0
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 2786 		337 B
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 05 May 2021 03:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15516174
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-f4"
content-type
text/css; charset=utf-8
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
expires
Thu, 05 May 2022 03:13:34 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
timing-allow-origin
*
x-amz-cf-id
oXpZl_pAZWyTcvINBetHISFUhZ8hQl3Rlxw3i9o3F5nBV7yGKylP0A==
x-cache-hits
0
match
ads.betweendigital.com/ Frame 605F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Db2f4a99e-30f3-4bee-9f25-941ddf052f7...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=640c617e-cf6b-4100-af15-3fe960b07d48&expires=30&ssp=between&bsw_param=b2f4a99e-30f3-4bee-9f25-941ddf052f7f&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
Date
Sun, 31 Oct 2021 17:16:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame A3A9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 14:37:41 GMT
via
1.1 a49c26e403f2dac09629dceb6dac5741.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
16079927
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 14:37:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
gvmXC2W8lsgCHbCyB7-JN1UsnW_4iKJXZDsaxgpTPj02X8mN9dkXsg==
x-cache-hits
0
cors
data.ad-score.com/data/ Frame 3CCF 		1 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=EETPJRqfhlZizPuNtOKbmFsYifHrnuLa-FE7fPshldVrrKD4R03nPEEjF-E0zCOctmbFDlMA==&pm_ct=6fa0a3c56853244dba77fb7c&pm_pl=1635700587616&pm_td=598&pid=1000787&en=1.1&callback=__pm_glbl_DPDPMBY5aqTgnQIc7pieFQIq._gc4&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Sun, 31 Oct 2021 17:16:28 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
impimg.gif
pre.glotgrx.com/ Frame 3CCF 		26 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pre.glotgrx.com/impimg.gif?cb=1635700588229&qid=53532313f523632313f5436393&cid=964&s=thetruedefender.com&p=BX&x=&adtg=HB&nsi=&si=&nci=&nai=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/95.0.4638.54%20Safari/537.36&ai=&flsrc=1
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:28 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:00:33 GMT
server
cloudflare
age
7181
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6a6e8804aa4c6997-FRA
content-length
26
expires
Sun, 31 Oct 2021 19:16:28 GMT
khaos.jpg
token.rubiconproject.com/ Frame A4AF 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
publishertag.prebid.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:28 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:34:24 GMT
server
nginx
etag
W/"615af4d0-1535c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 01 Nov 2021 17:16:28 GMT
pixel.gif
cdn.viglink.com/images/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=0.6805544461497015
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:28 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
age
7
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=15, must-revalidate
content-length
43
accept-ranges
bytes
cf-ray
6a6e8805288e5c98-FRA
x-amz-request-id
C3CJJWGXK1NK66WV
x-amz-id-2
njaiyWPoxaEr03hOL5akXy5LzJ5/pXh3+uihNRDgEXq3INxJJXroxccXttSwiH448w0ZCh/AdQQ=
pixel.gif
cdn.viglink.com/images/ 		43 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=0.6805544461497015
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:28 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
age
7
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=15, must-revalidate
content-length
43
accept-ranges
bytes
cf-ray
6a6e880528935c98-FRA
x-amz-request-id
C3CJJWGXK1NK66WV
x-amz-id-2
njaiyWPoxaEr03hOL5akXy5LzJ5/pXh3+uihNRDgEXq3INxJJXroxccXttSwiH448w0ZCh/AdQQ=
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame F4C4 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=44760290;rtbwp=05OadWY7OG16CTmI1CBxS4KAho2d0JhcnMXRfg;rtbdata=Kjn_Dmzoips0_mwX9F7jWf9rJSN-Pjk4sPiOcvtqZVDXj-fEYzgmm_3EdzY6iRaxKGIsPpfsgVtABzAewheSpaQxuFGxZylsvmTE0o7CowCFIQIbZK0Q-rZawB6gw7oVOY1r1Qs5JMADhZoZs_0HUQOCjXJ4pkxAJEv0DZKJVqrhf-E7Svz7ULNA_8xAwVYKHIjw9p8qfGowKvLjvM_hhvl0IVPlGatpg8id5EPEn4Toc0RYJZwOkfWeUiXw_IdwV4cNgfjq2cmrZnv5W_Evql6TJEUvcBlScM-vyPUvk-qvs-xl4YTkom-3qCV-0BPU3o9HQ5S6PkaTGJWq5R7Vfec1WZEscE_SejuXK1CiyBvZSFDRdLfbVG0n9ACSdag9J66wd7eqnNJXhND6bicRKxUCzFW9muloOycMMnD-fYXiEZLnu-L3zIUuRASEZw1nuBYaO0OyCybE4_sQZGQgqA2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:28 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 09:07:47 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 01 Nov 2021 20:09:18 GMT
e9d308b2f1.mp4
cdn4.telesco.pe/file/ Frame EC3D 		47 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn4.telesco.pe/file/e9d308b2f1.mp4?token=u4iwwcwHrs1QmPdwiKvEBEkuyjnLq1vt0JQ9u-2Ca15k365-eZDfdC2Ljg-iHBNihUlcsxCIYD-LY3EfZrYwwjwvi3URMD6Oqx7goN8wWVKkslIWKvEYboPmoMcfGT6TPIZVPXM582WMGXoT2sqM8_iTDgyDVlOnI42VmJ1hkC1Wq2rImFdh16AFm5ov71tePi0KGJfIoiyt-jJM6X4BtAZBPXJDf1C5Cd3XL5T6F076HtowcpIhWrbPpyE25xTUor7yowdYzaNmHufgFT0GIkoTdJ9Kl17H973TCxQHyKnk-0emqx1f3GIkllXMGC92NbS94_fmzr_4Sl-VbZSl7A
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 London, United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--r1a.website/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=65536-

Response headers

Date
Sun, 31 Oct 2021 17:16:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Range
bytes 65536-8643893/8643894
Connection
keep-alive
Content-Length
8578358
X-XSS-Protection
1; mode=block
Last-Modified
Sun, 31 Oct 2021 17:16:28 GMT
Server
nginx/1.18.0
X-Frame-Options
DENY
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Content-Security-Policy
default-src 'none'; sandbox
Accept-Ranges
0-8643894
Expires
Tue, 30 Nov 2021 17:16:28 GMT
cors
data.ad-score.com/data/ Frame 3CCF 		1 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=EETPJRqfhlZizPuNtOKbmFsYifHrnuLa-FE7fPshldVrrKD4R03nPEEjF-E0zCOctmbFDlMA==&pm_ct=6fa0a3c56853244dba77fb7c&pm_pl=1635700587616&pm_td=744&pid=1000787&en=1.1&callback=__pm_glbl_DPDPMBY5aqTgnQIc7pieFQIq._gc5&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Sun, 31 Oct 2021 17:16:28 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
/
sync3.sniperlog.ru/ Frame 605F
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=4851481e-3a6e-11ec-a6e9-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=4851481e-3a6e-11ec-a6e9-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=mmr8rjtJ%2FLlFSt6UTtpQ4Q&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=mmr8rjtJ/LlFSt6UTtpQ4Q&extra2=aidata
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=mmr8rjtJ/LlFSt6UTtpQ4Q&extra2=aidata&google_tc=
  • https://sync3.sniperlog.ru/?src=ggl&extra1=mmr8rjtJ/LlFSt6UTtpQ4Q&extra2=aidata&google_gid=CAESEFYonpEcKWedapkIGE1CGoc&google_cver=1
0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync3.sniperlog.ru/?src=ggl&extra1=mmr8rjtJ/LlFSt6UTtpQ4Q&extra2=aidata&google_gid=CAESEFYonpEcKWedapkIGE1CGoc&google_cver=1
Protocol
HTTP/1.1
Server
31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 31 Oct 2021 17:16:28 GMT
Server
nginx

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync3.sniperlog.ru/?src=ggl&extra1=mmr8rjtJ/LlFSt6UTtpQ4Q&extra2=aidata&google_gid=CAESEFYonpEcKWedapkIGE1CGoc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame F4C4 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=44760290;rtbwp=05OadWY7OG16CTmI1CBxS4KAho2d0JhcnMXRfg;rtbdata=Kjn_Dmzoips0_mwX9F7jWf9rJSN-Pjk4sPiOcvtqZVDXj-fEYzgmm_3EdzY6iRaxKGIsPpfsgVtABzAewheSpaQxuFGxZylsvmTE0o7CowCFIQIbZK0Q-rZawB6gw7oVOY1r1Qs5JMADhZoZs_0HUQOCjXJ4pkxAJEv0DZKJVqrhf-E7Svz7ULNA_8xAwVYKHIjw9p8qfGowKvLjvM_hhvl0IVPlGatpg8id5EPEn4Toc0RYJZwOkfWeUiXw_IdwV4cNgfjq2cmrZnv5W_Evql6TJEUvcBlScM-vyPUvk-qvs-xl4YTkom-3qCV-0BPU3o9HQ5S6PkaTGJWq5R7Vfec1WZEscE_SejuXK1CiyBvZSFDRdLfbVG0n9ACSdag9J66wd7eqnNJXhND6bicRKxUCzFW9muloOycMMnD-fYXiEZLnu-L3zIUuRASEZw1nuBYaO0OyCybE4_sQZGQgqA2;js=1;adfxid=1x;6666;set=en-US|en-US|1600X1200|0|350|300|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fthetruedefender.com%2Fbreaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
459d818b11ea6cdf2fe2d5bc5dbbd92f685295bb2a17de42959fd0f7ce3e4b0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2742
expires
-1
syncframe
gum.criteo.com/ Frame B1B8 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1853
date
Sun, 31 Oct 2021 17:16:27 GMT
content-length
4685
cors
data.ad-score.com/data/ Frame 3CCF 		1 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=EETPJRqfhlZizPuNtOKbmFsYifHrnuLa-FE7fPshldVrrKD4R03nPEEjF-E0zCOctmbFDlMA==&pm_ct=6fa0a3c56853244dba77fb7c&pm_pl=1635700587616&pm_td=944&pid=1000787&en=1.1&callback=__pm_glbl_DPDPMBY5aqTgnQIc7pieFQIq._gc6&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Sun, 31 Oct 2021 17:16:28 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame F4C4 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:28 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 09:07:47 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Mon, 01 Nov 2021 20:09:26 GMT
sid
mug.criteo.com/ Frame B1B8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thetruedefender.com&sn=ChromeSyncframe&so=0&topUrl=thetruedefender.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=S4yh2XxiSXpYMTFEQzljL3czV3NEOVpFeW9sRlp5V1ZxTzlYQTJyMHUxNXdsSXM5RjBlSHl3dS9MeFNjQ1JwZ0lTR3N2UE9zbVFLYjUzQURvNUQrbStiRDBvdGsya0F1KzMxTmdld2ptWERsQzJFaFR1dWhQZGx3WThiRG...
460 B
645 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=S4yh2XxiSXpYMTFEQzljL3czV3NEOVpFeW9sRlp5V1ZxTzlYQTJyMHUxNXdsSXM5RjBlSHl3dS9MeFNjQ1JwZ0lTR3N2UE9zbVFLYjUzQURvNUQrbStiRDBvdGsya0F1KzMxTmdld2ptWERsQzJFaFR1dWhQZGx3WThiRGdUNnhsc1dvYk9lczVHQUQ4TXp2NEhLelNhNDBYNys0K1p3azNVdE9WSTlYQzFLcnRTMWc0Q0U1dFN6Q0daY1E1QmhTUnEzRDNpNUFCb0RGZGMzeVVyejlVbXkzTkJwcEs2TDRMOGxIbFNraytPMUQ3NGQ5NEl4L2NvY2gza0VkUklTam1ZQzh0NVkyNTdTRUFPZTNHN0tNVXcxYld6UT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f4d2dfe768bb0b363d4b19583900693345663d01a44b146af0c064dea7fa7dd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 31 Oct 2021 17:16:28 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2811
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 31 Oct 2021 17:16:28 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=S4yh2XxiSXpYMTFEQzljL3czV3NEOVpFeW9sRlp5V1ZxTzlYQTJyMHUxNXdsSXM5RjBlSHl3dS9MeFNjQ1JwZ0lTR3N2UE9zbVFLYjUzQURvNUQrbStiRDBvdGsya0F1KzMxTmdld2ptWERsQzJFaFR1dWhQZGx3WThiRGdUNnhsc1dvYk9lczVHQUQ4TXp2NEhLelNhNDBYNys0K1p3azNVdE9WSTlYQzFLcnRTMWc0Q0U1dFN6Q0daY1E1QmhTUnEzRDNpNUFCb0RGZGMzeVVyejlVbXkzTkJwcEs2TDRMOGxIbFNraytPMUQ3NGQ5NEl4L2NvY2gza0VkUklTam1ZQzh0NVkyNTdTRUFPZTNHN0tNVXcxYld6UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2434
content-length
541
expires
0
/
track.adform.net/csimpr/ Frame F4C4 		35 B
471 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=44760290&csi=5a5MxvQpr3VoE7K5312tzxOP661a1pogHoVQLa3sQszrygPkIxxfk2KkaO2HyUmUDCsX2sSbI5rwO-ZsN_XdO2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.251 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
41278457.jpg
s1.adform.net/Banners/41278457/ Frame F4C4 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/41278457/41278457.jpg?bv=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4173a569c934a99a52feb01c07751fa1aaf8a270ee5ad3ac2c5dd756ec94210a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:28 GMT
last-modified
Fri, 16 Oct 2020 13:06:58 GMT
server
nginx
etag
"5f899af2-e077"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
57463
ping
links.services.disqus.com/api/ 		0
0
usync.html
eus.rubiconproject.com/ Frame 2747
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4d6f224f-4400-5330-9268-7736f316b85d&CACHEBUSTER=285296
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 31 Oct 2021 17:16:28 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Sun, 31 Oct 2021 17:16:28 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.js
eus.rubiconproject.com/ Frame 2747 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3a97df53baadc7f20a3ccd6bb9c6b5fab12ce7efaab6ca0987be6c62489b2dc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Oct 2021 15:57:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66411
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9399
Expires
Mon, 01 Nov 2021 11:43:19 GMT
khaos.jpg
token.rubiconproject.com/ Frame 2747 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
285296
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 605F 		43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/285296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.14/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=2678400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:28 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.14/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
usersync
rtb.gumgum.com/ Frame 605F
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4d6f224f-4400-5330-9268-7736f316b85d&expires=60
  • https://rtb.gumgum.com/usersync?b=bsw&i=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
Protocol
H2
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:29 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=b2f4a99e-30f3-4bee-9f25-941ddf052f7f
Date
Sun, 31 Oct 2021 17:16:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
view
ads.betweendigital.com/ Frame 3CCF 		68 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/view?context=AAAAAF8tgsFhdgACdwAtAs1TzWsTQRTPvoYSQqhSCoJ4WDxIC85mJrO7yVokbdpqpY2WGulFKLPZSTPNfoTdjWkLQq9evAr-B-LNu_9BQbyoeBBED6KXHqonKc7mo1Wrvepjdt_M2997-97vzYNFo24Uig3dRtQxKNIbVEcWwUVEdcuSFqdEGAXy6vm3R7l3n15-fbyeuSd4N5WCPWjGcTu6ks_HTR6HHe7wBvcdHmr1wMvbIWct4W8gn3cj5PGIoXrQ8eNwW2o3CJkToAIuYMRdXo9F4KOQJ4G5g2S4bdSQ4GQbdCLmOxEKGshmrhvEkfT3Y-YJn8US_GsMrxPFyObI4XUexqIhuJOH0ml5wnmLaMSyNEJKWpHCR6Ua7AjXZXlDw-rkmvCdoBupN2sqwRqeVqXB1KfVLVOfUmfbbZevcXtJxHmDFjVqqpNLi7Xq8mXVFS2uXuf1VjClzjXDwON5SwbUdJOWNENXb7MGC8XAC7I6pXpxqHImMQm1YEzHho4LBN6k4WAEUnAWQL5TcOkPhUjzuGRwPWqykCeg7I3ZCikMVEoKJM_EoKB1giFrYkoopOcX4OK1kPmtRieMVeapVSZ8SC8uQKagYQxph8PYwA-AQPaW_H84VBmCaUlG1ldrFQlS8-oSc2SQLrfVlZB7ouPB-GZXRG5Qb4l-InChtrJsrc_OG6RAsV46cc7pRtEs6TA6t1KFCUd22teSi5QUAXeH_WROpNk87nLJgtgQMXN7LWXOZhT45fhqO-S2cOTvcn4QesyVu73XAG8_fB7pZZGSfCqg9JjpnXsr1-8XpC2jZ-997dP3N5l_-uX-uX27fArkH8h--eekf89fnnfLQ7MyqBO-P3k_IzcPK5BS4Kh2CUgQ_8GoHCqpE4kk6R0qo6t3KicogH5b_yLKwciQKWWMYrxVMPDos4yy-2Bn4PfiTLL6Mj6MmZMjVUTyciSD2bMkY6kc8zqciWPSZ_qoIz5_AA==&tld=dGhldHJ1ZWRlZmVuZGVyLmNvbQ==&jsp=rsize%3D300x250%26dh%3Dv1_0001000000001%26utbo%3D-00%3A00%26ib%3D0%26fstc%3D-1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
/
onetag-sys.com/usync/ Frame 7A1E 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=4d6f224f-4400-5330-9268-7736f316b85d&CACHEBUSTER=285296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
cors
data.ad-score.com/data/ Frame 3CCF 		1 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=EETPJRqfhlZizPuNtOKbmFsYifHrnuLa-FE7fPshldVrrKD4R03nPEEjF-E0zCOctmbFDlMA==&pm_ct=6fa0a3c56853244dba77fb7c&pm_pl=1635700587616&pm_td=1544&pid=1000787&en=1.1&callback=__pm_glbl_DPDPMBY5aqTgnQIc7pieFQIq._gc7&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Sun, 31 Oct 2021 17:16:29 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
4d6f224f-4400-5330-9268-7736f316b85d
an.yandex.ru/mapuid/betweendigitalis/ Frame 605F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F4d6f224f-4400-5330-9268-7736f316b85d
  • https://an.yandex.ru/mapuid/betweendigitalis/4d6f224f-4400-5330-9268-7736f316b85d
  • https://an.yandex.ru/mapuid/betweendigitalis/4d6f224f-4400-5330-9268-7736f316b85d?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/4d6f224f-4400-5330-9268-7736f316b85d?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:29 GMT
content-encoding
gzip
last-modified
Sun, 31 Oct 2021 17:16:29 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 31 Oct 2021 17:16:29 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:29 GMT
content-encoding
gzip
last-modified
Sun, 31 Oct 2021 17:16:29 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/betweendigitalis/4d6f224f-4400-5330-9268-7736f316b85d?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 31 Oct 2021 17:16:29 GMT
sync
t.adx.opera.com/ Frame 605F 		0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=4d6f224f-4400-5330-9268-7736f316b85d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:29 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=8qPa_XxkbWd2MXFCc29BZHE3OTZCVU1OOTkyckRlWXhXaGpEdGJLNFY1cS9hRGFOdVp0bkJyUjBKVnhvYno1YllUUlRwOFJvOU1yUXBBMkc4MktVVXlXYjZKN01HZDV3ZXNvVTNKamphZ1NpV0swMGhWa202MTFDV0J5c3...
470 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8qPa_XxkbWd2MXFCc29BZHE3OTZCVU1OOTkyckRlWXhXaGpEdGJLNFY1cS9hRGFOdVp0bkJyUjBKVnhvYno1YllUUlRwOFJvOU1yUXBBMkc4MktVVXlXYjZKN01HZDV3ZXNvVTNKamphZ1NpV0swMGhWa202MTFDV0J5c3JMVWJTZlpxbnBDdlFadHdxcnhSRnNPU2lsS05xTFpDZUQ2MWc3c3podGNHd0c1WHZUUHJ1bVFLZUlRZk9yZXF2K25DVWVJd3IrVVJ6UjR4a1E3aGNDYWZaODB5eFEyU1FwTi9Vb2NBT3dUaC9pVkl2OHdveGdHL2VMZ3paaGhUMitJbXBUbzhsZjRQZ2FCNW94VDlZakx2VkE4T1M5Q2h1bFA0aVZEWFhNOXIvWTRVYTZqaz18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
153efa2423e6a62d1546026da53158d5fd77d1ae25d8d258b8b2dc131296d017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 31 Oct 2021 17:16:30 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1874
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 31 Oct 2021 17:16:29 GMT
location
https://mug.criteo.com/sid?cpp=8qPa_XxkbWd2MXFCc29BZHE3OTZCVU1OOTkyckRlWXhXaGpEdGJLNFY1cS9hRGFOdVp0bkJyUjBKVnhvYno1YllUUlRwOFJvOU1yUXBBMkc4MktVVXlXYjZKN01HZDV3ZXNvVTNKamphZ1NpV0swMGhWa202MTFDV0J5c3JMVWJTZlpxbnBDdlFadHdxcnhSRnNPU2lsS05xTFpDZUQ2MWc3c3podGNHd0c1WHZUUHJ1bVFLZUlRZk9yZXF2K25DVWVJd3IrVVJ6UjR4a1E3aGNDYWZaODB5eFEyU1FwTi9Vb2NBT3dUaC9pVkl2OHdveGdHL2VMZ3paaGhUMitJbXBUbzhsZjRQZ2FCNW94VDlZakx2VkE4T1M5Q2h1bFA0aVZEWFhNOXIvWTRVYTZqaz18&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2150
content-length
567
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://thetruedefender.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1438
date
Sun, 31 Oct 2021 17:16:29 GMT
content-encoding
gzip
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1D86 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Mon, 01 Nov 2021 17:16:32 GMT
Date
Sun, 31 Oct 2021 17:16:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame A568 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a6e88105dd04e25-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
connectmyusers.php
cdn.connectad.io/ Frame AD63 		1 KB
712 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a6e88105dd24e25-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
connectmyusers.php
cdn.connectad.io/ Frame B209 		1 KB
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a6e88105dcf4e25-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
apacdex
sync.quantumdex.io/usersync/ Frame 8DF8 		3 KB
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a81e65bd964a3fd5f86f19e08985b0e4e89ea350d0d0bc54b50e4a6fc90ac12e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a6e88105efd6913-FRA
content-encoding
gzip
usersync
ssp.wp.pl/bidder/ Frame 8EB9 		442 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
nginx
date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime
604800
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST, GET
access-control-allow-origin
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 10:14:07 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 41FB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Mon, 01 Nov 2021 17:16:32 GMT
Date
Sun, 31 Oct 2021 17:16:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame D0DD 		1 KB
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a6e88105dd54e25-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sspmatch-iframe
ads.betweendigital.com/ Frame FCFA 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
usersync
ssp.wp.pl/bidder/ Frame 5713 		442 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
nginx
date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime
604800
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST, GET
access-control-allow-origin
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 10:14:07 GMT
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame D959 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3D50 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Mon, 01 Nov 2021 17:16:32 GMT
Date
Sun, 31 Oct 2021 17:16:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 9B82 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
onetag-sys.com/usync/ Frame 83DC 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1635700586860
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame 5C8B 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1635700586840
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
apacdex
sync.quantumdex.io/usersync/ Frame D10E 		3 KB
932 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c72367fb62461ccb6894d279505a5bf0016c186b025148d8f5035b3b1e5d2a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a6e88106f146913-FRA
content-encoding
gzip
sspmatch-iframe
ads.betweendigital.com/ Frame 3D25 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
apacdex
sync.quantumdex.io/usersync/ Frame 0948 		3 KB
804 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2884141abdb3f4d44e370687203e652ce033eb89ef2bdd1a4f4a2ada10ffcb87

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a6e88106f296913-FRA
content-encoding
gzip
usersync
ssp.wp.pl/bidder/ Frame E8F5 		442 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
nginx
date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime
604800
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST, GET
access-control-allow-origin
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 10:14:07 GMT
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame 3AC0 		442 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
nginx
date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime
604800
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST, GET
access-control-allow-origin
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 10:14:07 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 8270 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1635700586843
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usersync
ssp.wp.pl/bidder/ Frame FB7E 		442 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
nginx
date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime
604800
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST, GET
access-control-allow-origin
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 10:14:07 GMT
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame CCFC 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
apacdex
sync.quantumdex.io/usersync/ Frame 68DC 		3 KB
798 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc07f1787431129ff7835307a46dfa4f382e125c6664579be53a343ef89f3d90

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a6e88107f666913-FRA
content-encoding
gzip
connectmyusers.php
cdn.connectad.io/ Frame A61A 		1 KB
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a6e88107e0c4e25-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6E0A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Mon, 01 Nov 2021 17:16:32 GMT
Date
Sun, 31 Oct 2021 17:16:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9FFB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Mon, 01 Nov 2021 17:16:32 GMT
Date
Sun, 31 Oct 2021 17:16:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
apacdex
sync.quantumdex.io/usersync/ Frame C9A6 		3 KB
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3120be07fb8b5daa12790c9f7dc4f1ebf5d5edbaedbab6bd93ad4a95983e1e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a6e88107f6e6913-FRA
content-encoding
gzip
usermatch
ssum-sec.casalemedia.com/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
390
Expires
Sun, 31 Oct 2021 17:16:30 GMT
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_617ecf6e35a5c&gdpr=0&gdpr_consent=
43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_617ecf6e35a5c&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:29 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sun, 31 Oct 2021 17:16:30 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03030001_617ecf6e35a5c&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
get_user_agent_id
cookie-matching.mediarithmics.com/v1/ 		0
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=smart17&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.68.57.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ip71.ip-51-68-57.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
strict-transport-security
max-age=63072000;includeSubDomains;preload
redir
rtb-csync.smartadserver.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD8O07C_Z8AABb-5bJB7g&gdpr=0
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD8O07C_Z8AABb-5bJB7g&gdpr=0
Protocol
HTTP/1.1
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:29 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD8O07C_Z8AABb-5bJB7g&gdpr=0
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
bsync
visitor.omnitagjs.com/visitor/ 		0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:29 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
0
expires
0
cors
data.ad-score.com/data/ Frame 3CCF 		1 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=EETPJRqfhlZizPuNtOKbmFsYifHrnuLa-FE7fPshldVrrKD4R03nPEEjF-E0zCOctmbFDlMA==&pm_ct=6fa0a3c56853244dba77fb7c&pm_pl=1635700587616&pm_td=2544&pid=1000787&en=1.1&callback=__pm_glbl_DPDPMBY5aqTgnQIc7pieFQIq._gc8&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000787
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Sun, 31 Oct 2021 17:16:30 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8qPa_XxkbWd2MXFCc29BZHE3OTZCVU1OOTkyckRlWXhXaGpEdGJLNFY1cS9hRGFOdVp0bkJyUjBKVnhvYno1YllUUlRwOFJvOU1yUXBBMkc4MktVVXlXYjZKN01HZDV3ZXNvVTNKamphZ1NpV0swMGhWa202MTFDV0J5c3JMVWJTZlpxbnBDdlFadHdxcnhSRnNPU2lsS05xTFpDZUQ2MWc3c3podGNHd0c1WHZUUHJ1bVFLZUlRZk9yZXF2K25DVWVJd3IrVVJ6UjR4a1E3aGNDYWZaODB5eFEyU1FwTi9Vb2NBT3dUaC9pVkl2OHdveGdHL2VMZ3paaGhUMitJbXBUbzhsZjRQZ2FCNW94VDlZakx2VkE4T1M5Q2h1bFA0aVZEWFhNOXIvWTRVYTZqaz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
884
date
Sun, 31 Oct 2021 17:16:29 GMT
content-encoding
gzip
vary
Accept-Encoding
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame 8EB9 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 14:07:23 GMT
server
nginx
etag
W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
bounce
ib.adnxs.com/ Frame 41FB
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c44278f1-17b2-44dd-a5b7-6d2d9f37c929
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c2c04a3c-b21f-4ccc-b616-579dca362ad0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 3D50
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
523a3047-7c26-4409-aa25-1b010f8ea72b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0fcc8916-74c5-4521-a2e7-e2d6f7a015a3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame 5713 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 14:07:23 GMT
server
nginx
etag
W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
bounce
ib.adnxs.com/ Frame 1D86
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5708956b-9fe4-4915-b7dd-4dbf37365da8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
876d8ada-2f9f-46f0-b0fd-d68e5c8d8e97
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame E8F5 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 14:07:23 GMT
server
nginx
etag
W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame 3AC0 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 14:07:23 GMT
server
nginx
etag
W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
bounce
ib.adnxs.com/ Frame 6E0A
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
825c486d-3591-41f0-9f8c-67c58a7d7b2f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2f76e347-f754-4128-ad83-b9e62682cf08
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame D10E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2291873998
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2291873998
  • https://sync.1rx.io/usersync/tradedesk/cf29c773-4f35-4361-babe-f078b1a40e96
  • https://sync.targeting.unrulymedia.com/csync/RX-c421bd82-e47d-4518-a33e-828541fe0754-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c421bd82-e47d-4518-a33e-828541f...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88160f1f6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
date
Sun, 31 Oct 2021 17:16:31 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc421bd82e47d4518a33e828541fe0754003
content-type
text/html
us
sync.go.sonobi.com/ Frame D10E 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame D10E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7876132081178951649
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7876132081178951649
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8812adee6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f83acbbc-e72e-43b2-8ac5-4e4b1db19032
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7876132081178951649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame D10E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88133f6c6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame D10E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88133f696913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5ace2d6f-3113-4447-b2ca-efa50bae8e11
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.lkqd.net/ Frame D10E 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
setuid
sync.quantumdex.io/ Frame D10E
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8813b8dc6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame D10E
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Server
54.36.109.22 , France, ASN16276 (OVH, FR),
Reverse DNS
p09.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:23 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sun, 31 Oct 2021 17:16:23 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame D10E
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=852bd4cc-04ef-4061-8d3f-81b917f89f17
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=852bd4cc-04ef-4061-8d3f-81b917f89f17
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8813b8db6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=852bd4cc-04ef-4061-8d3f-81b917f89f17
date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88121c506913-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
setuid
sync.quantumdex.io/ Frame D10E
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=57635a82-5293-496a-ab37-f64f7605e1ff
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=57635a82-5293-496a-ab37-f64f7605e1ff
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88131f2d6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=57635a82-5293-496a-ab37-f64f7605e1ff
date
Sun, 31 Oct 2021 17:16:30 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame D10E
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e881398936913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame FB7E 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 14:07:23 GMT
server
nginx
etag
W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
cs
cs.lkqd.net/ Frame 0948 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
setuid
sync.quantumdex.io/ Frame 0948
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8813b8d66913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame 0948
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Server
54.36.109.22 , France, ASN16276 (OVH, FR),
Reverse DNS
p09.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:23 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sun, 31 Oct 2021 17:16:23 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 0948
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dda0f77f-d162-49ab-b55e-dd782d2f6861
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dda0f77f-d162-49ab-b55e-dd782d2f6861
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8813987c6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dda0f77f-d162-49ab-b55e-dd782d2f6861
date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88121c556913-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
setuid
sync.quantumdex.io/ Frame 0948
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8813988d6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
7e6b125d-747a-4ea8-87c9-d1f55c7a7ec0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 0948
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=7fed4a6b-e3dd-4ab6-839c-ff18b426fc3a
43 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=7fed4a6b-e3dd-4ab6-839c-ff18b426fc3a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88131f2f6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=7fed4a6b-e3dd-4ab6-839c-ff18b426fc3a
date
Sun, 31 Oct 2021 17:16:30 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 0948
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8812adf26913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 0948
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7163654611
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7163654611
  • https://sync.1rx.io/usersync/tradedesk/cf29c773-4f35-4361-babe-f078b1a40e96
  • https://sync.targeting.unrulymedia.com/csync/RX-c421bd82-e47d-4518-a33e-828541fe0754-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c421bd82-e47d-4518-a33e-828541f...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88160f236913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
date
Sun, 31 Oct 2021 17:16:31 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc421bd82e47d4518a33e828541fe0754003
content-type
text/html
us
sync.go.sonobi.com/ Frame 0948 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 0948
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88133f6b6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 0948
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e881429f66913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f8b04cbb-9765-4fa7-81f3-813626d60eff
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 9FFB
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
56de0a01-93c1-4096-851a-0e6c52f43710
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0a7f1f01-e208-4ded-96e0-9e270a7f8ba5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.lkqd.net/ Frame 68DC 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
setuid
sync.quantumdex.io/ Frame 68DC
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8813b8d96913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame 68DC
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Server
54.36.109.22 , France, ASN16276 (OVH, FR),
Reverse DNS
p09.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:23 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sun, 31 Oct 2021 17:16:23 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 68DC
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=28489953-e1ac-4750-8311-3e27f24886aa
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=28489953-e1ac-4750-8311-3e27f24886aa
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e881398716913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=28489953-e1ac-4750-8311-3e27f24886aa
date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88121c616913-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
setuid
sync.quantumdex.io/ Frame 68DC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8813988a6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
95bccd4e-85f1-408e-be88-ddfc4f97769c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 68DC
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3c1994bc-f9bb-4539-996c-06234b8575fd
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3c1994bc-f9bb-4539-996c-06234b8575fd
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88132f396913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=3c1994bc-f9bb-4539-996c-06234b8575fd
date
Sun, 31 Oct 2021 17:16:30 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 68DC
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8812ce1a6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 68DC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2308815295
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2308815295
  • https://sync.1rx.io/usersync/tradedesk/cf29c773-4f35-4361-babe-f078b1a40e96
  • https://sync.targeting.unrulymedia.com/csync/RX-c421bd82-e47d-4518-a33e-828541fe0754-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c421bd82-e47d-4518-a33e-828541f...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88160f276913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
date
Sun, 31 Oct 2021 17:16:31 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc421bd82e47d4518a33e828541fe0754003
content-type
text/html
us
sync.go.sonobi.com/ Frame 68DC 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 68DC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e881398896913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 68DC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2282844342217095484
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2282844342217095484
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e881398946913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f4485fc0-27dc-4ead-b4a3-dcfc79cad182
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2282844342217095484
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame C9A6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7876132081178951649
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7876132081178951649
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8812adef6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b8116bbd-8fa4-47c3-96b7-3df80cbb3448
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7876132081178951649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.lkqd.net/ Frame C9A6 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
setuid
sync.quantumdex.io/ Frame C9A6
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e37c2af4-a9ba-4a35-856d-3d29520dec47
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e37c2af4-a9ba-4a35-856d-3d29520dec47
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88132f3a6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e37c2af4-a9ba-4a35-856d-3d29520dec47
date
Sun, 31 Oct 2021 17:16:30 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame C9A6
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88133f6d6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame C9A6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4733305801
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4733305801
  • https://sync.1rx.io/usersync/tradedesk/cf29c773-4f35-4361-babe-f078b1a40e96
  • https://sync.targeting.unrulymedia.com/csync/RX-c421bd82-e47d-4518-a33e-828541fe0754-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c421bd82-e47d-4518-a33e-828541f...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88160f2a6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
date
Sun, 31 Oct 2021 17:16:31 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc421bd82e47d4518a33e828541fe0754003
content-type
text/html
us
sync.go.sonobi.com/ Frame C9A6 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame C9A6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e881398786913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-RCOBwotE2uEhFcXWFG6gd1WEQzQFvvhu0saLL5c-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame C9A6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2282844342217095484
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2282844342217095484
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8813b8dd6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cbc81c4b-3290-449f-9215-8c41ba52811e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2282844342217095484
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame C9A6
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88133f6e6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame C9A6
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Server
54.36.109.22 , France, ASN16276 (OVH, FR),
Reverse DNS
p09.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:23 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sun, 31 Oct 2021 17:16:23 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame C9A6
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bc0e3a55-12a4-46f3-b0d0-474bf9a296ff
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bc0e3a55-12a4-46f3-b0d0-474bf9a296ff
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8813988e6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bc0e3a55-12a4-46f3-b0d0-474bf9a296ff
date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88122c976913-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
1
sync-eu.connectad.io/syncer/ Frame CDA5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.connectad.io/

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cache-control
no-cache, private
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a6e881209b34e25-FRA
setuid
sync.quantumdex.io/ Frame 8DF8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8812adde6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
54288621-3d89-47af-8a06-d057cbf00a6b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7876132081178951649
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs.lkqd.net/ Frame 8DF8 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.142 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
setuid
sync.quantumdex.io/ Frame 8DF8
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e881398856913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
Connection
keep-alive
Content-Length
0
1.gif
id5-sync.com/c/495/0/0/ Frame 8DF8
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Server
54.36.109.22 , France, ASN16276 (OVH, FR),
Reverse DNS
p09.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:23 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Sun, 31 Oct 2021 17:16:23 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 8DF8
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6b94e309-f034-4c3a-9033-357417c31149
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6b94e309-f034-4c3a-9033-357417c31149
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8813b8e16913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=6b94e309-f034-4c3a-9033-357417c31149
date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88123cc96913-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
setuid
sync.quantumdex.io/ Frame 8DF8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8813f9646913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
45081cf0-739b-45ae-8ef1-0282c9cd9ffe
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2282844342217095484
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 8DF8
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1e9fe48e-7b8b-4682-a458-e583aa10c26c
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1e9fe48e-7b8b-4682-a458-e583aa10c26c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88131f366913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1e9fe48e-7b8b-4682-a458-e583aa10c26c
date
Sun, 31 Oct 2021 17:16:30 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 8DF8
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88133f706913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=f33dc8278e5dc37df697c81e
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 8DF8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7524076729
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7524076729
  • https://sync.1rx.io/usersync/tradedesk/cf29c773-4f35-4361-babe-f078b1a40e96
  • https://sync.targeting.unrulymedia.com/csync/RX-c421bd82-e47d-4518-a33e-828541fe0754-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-c421bd82-e47d-4518-a33e-828541f...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88160f1d6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-c421bd82-e47d-4518-a33e-828541fe0754-003
date
Sun, 31 Oct 2021 17:16:31 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc421bd82e47d4518a33e828541fe0754003
content-type
text/html
us
sync.go.sonobi.com/ Frame 8DF8 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 8DF8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Z2h7C4NE2uGZoACZaN91Jt_v5zK1xAFAXk4Ad8k-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Z2h7C4NE2uGZoACZaN91Jt_v5zK1xAFAXk4Ad8k-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e8812adea6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Z2h7C4NE2uGZoACZaN91Jt_v5zK1xAFAXk4Ad8k-~A
Connection
keep-alive
Content-Length
0
uc.html
sync.go.sonobi.com/ Frame 2A9D 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
usermatch
ssum-sec.casalemedia.com/ Frame 3249 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
543b56d6bda08078596c947ee83549aeb163015a44146611e3521ed5a9274cd4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|206|130|57|156|51|40
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1465
Expires
Sun, 31 Oct 2021 17:16:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3D26 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=44715
expires
Mon, 01 Nov 2021 05:41:45 GMT
date
Sun, 31 Oct 2021 17:16:30 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 6555 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame 630F 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a250e817735f3c884d276fd448678d9b9da75e622d4d8cd26cfeb4d0ded83945

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|4|130|105|196|241|152
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1386
Expires
Sun, 31 Oct 2021 17:16:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5E0B 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=44715
expires
Mon, 01 Nov 2021 05:41:45 GMT
date
Sun, 31 Oct 2021 17:16:30 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame AB87 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
uc.html
sync.go.sonobi.com/ Frame 9F0E 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
usermatch
ssum-sec.casalemedia.com/ Frame 0320 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d507d08b7453a068eb998065bc88b8413785843fec5af9643bcbdb9c4fdb3e03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|3|4|156|191|190|230
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1628
Expires
Sun, 31 Oct 2021 17:16:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C7FD 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=44715
expires
Mon, 01 Nov 2021 05:41:45 GMT
date
Sun, 31 Oct 2021 17:16:30 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D62A 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
uc.html
sync.go.sonobi.com/ Frame B9BF 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
/
onetag-sys.com/usync/ Frame A2EB 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
uc.html
sync.go.sonobi.com/ Frame 50D7 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
usermatch
ssum-sec.casalemedia.com/ Frame 6E83 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de238755e9ae7c7a3453b4093b666de0630eca0cfb451d850997373b1e1cdce8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|3|4|47|230|90|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1755
Expires
Sun, 31 Oct 2021 17:16:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C99C 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=44715
expires
Mon, 01 Nov 2021 05:41:45 GMT
date
Sun, 31 Oct 2021 17:16:30 GMT
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame AEF2 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d8fd520c40e5e323e360e6efdba7b051be14aa97fb1ab63ac163e0dbc9d86c59

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|130|206|3|57|196|111
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1516
Expires
Sun, 31 Oct 2021 17:16:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3FEB 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=44715
expires
Mon, 01 Nov 2021 05:41:45 GMT
date
Sun, 31 Oct 2021 17:16:30 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D2AE 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
uc.html
sync.go.sonobi.com/ Frame B973 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 630F 		43 B
876 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame 630F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 630F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3675597560054672788
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3675597560054672788
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3675597560054672788
pragma
no-cache
date
Sun, 31 Oct 2021 17:16:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 630F 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.229.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-229-21.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 630F
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:30 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sun, 31 Oct 2021 17:16:30 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 630F
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

date
Sun, 31 Oct 2021 17:16:30 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
dcm
s.amazon-adsystem.com/ Frame 630F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
A422GQHEJX5CND12E8N6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G38R32YDNWAMG8G4SSP6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 630F
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=819e74f5-af01-4d34-a503-5cd241bf61d9
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=819e74f5-af01-4d34-a503-5cd241bf61d9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=819e74f5-af01-4d34-a503-5cd241bf61d9
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
setuid
sync.quantumdex.io/ Frame 630F 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e881409946913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3249 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame 3249 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame 3249 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame 3249 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.229.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-229-21.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3249
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821574542215
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821574542215
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821574542215
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesync
bttrack.com/pixel/ Frame 3249 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:00 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
sync
x.bidswitch.net/ Frame 3249 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.169.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-169-248.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
setuid
sync.quantumdex.io/ Frame 3249 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e881429d96913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
getuid
secure.adnxs.com/ Frame 0320 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0320 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 0320
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:30 GMT

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 31 Oct 2021 17:16:29 GMT
rum
dsum-sec.casalemedia.com/ Frame 0320
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3459424777940888980
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3459424777940888980
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3459424777940888980
pragma
no-cache
date
Sun, 31 Oct 2021 17:16:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cookiesync
bttrack.com/pixel/ Frame 0320 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:00 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
index
dmp.brand-display.com/cm/api/ Frame 0320 		0
0
getuid
ib.adnxs.com/ Frame 0320 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
usermatchredir
ssum-sec.casalemedia.com/ Frame 0320
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXHVsCshTaa6eT42XJyrO4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXHVsCshTaa6eT42XJyrO4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:30 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXHVsCshTaa6eT42XJyrO4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame 0320 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e881429e26913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6E83 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame 6E83 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 6E83
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 31 Oct 2021 17:16:29 GMT
rum
dsum-sec.casalemedia.com/ Frame 6E83
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3676441984984804756
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3676441984984804756
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3676441984984804756
pragma
no-cache
date
Sun, 31 Oct 2021 17:16:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 6E83
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=eb5MUShp1MHerA5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=eb5MUShp1MHerA5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=eb5MUShp1MHerA5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6E83
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXHVsCshTaa6eT42XJyrO4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXHVsCshTaa6eT42XJyrO4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:30 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEPXHVsCshTaa6eT42XJyrO4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
no_match_opted_out
um.simpli.fi/ Frame 6E83
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 31 Oct 2021 17:16:30 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sun, 31 Oct 2021 17:16:30 GMT
x-content-type-options
nosniff
server
openresty
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 30 Oct 2021 17:16:30 GMT
rum
dsum-sec.casalemedia.com/ Frame 6E83
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YX7PbwABEEdbxQBR
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YX7PbwABEEdbxQBR&gdpr=1&_test=YX7PbwABEEdbxQBR
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YX7PbwABEEdbxQBR&gdpr=1&_test=YX7PbwABEEdbxQBR
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1635700591.144976,VS0,VE0
x-served-by
cache-fra19129-FRA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YX7PbwABEEdbxQBR&gdpr=1&_test=YX7PbwABEEdbxQBR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
sync.quantumdex.io/ Frame 6E83 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88150c7d6913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
getuid
secure.adnxs.com/ Frame AEF2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AEF2 		43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:dc78:e42b:b41a:32a0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
ie
match.prod.bidr.io/cookie-sync/ Frame AEF2 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.229.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-229-21.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame AEF2 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame AEF2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=640c617e-cf6b-4100-af15-3fe960b07d48&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 31 Oct 2021 17:16:29 GMT
crum
dsum-sec.casalemedia.com/ Frame AEF2
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821574542215
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821574542215
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433821574542215
Date
Sun, 31 Oct 2021 17:16:30 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame AEF2
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Redirect headers

date
Sun, 31 Oct 2021 17:16:30 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
match
c1.adform.net/serving/cookie/ Frame AEF2 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 17:16:30 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
setuid
sync.quantumdex.io/ Frame AEF2 		43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YX7PbnPFISXP6cwQ_GTN1wAABHcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a6e88151c966913-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cs&eq_cc=1
um2.eqads.com/um/ Frame 1F31
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.10.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-10-151.compute-1.amazonaws.com
Software
/
Resource Hash
d1989f177fbcc173e6e522dc9ff05ae589e0286b7de58cca0b59145cbcea6079

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Sun, 31 Oct 2021 17:16:31 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sun, 31 Oct 2021 17:16:31 GMT
pragma
no-cache

Redirect headers

date
Sun, 31 Oct 2021 17:16:31 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
PugMaster
image6.pubmatic.com/AdServer/ Frame 3D26 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92028699&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 17:16:30 GMT
content-length
0
async_usersync
ib.adnxs.com/ Frame 41FB 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c8b09c02-4c01-498b-95d7-2d2d6787e0b9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3D50 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
68e0b6d2-27e4-4755-b7bc-16376b521dde
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1D86 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
44bbfc4d-6d3b-4cf6-92ec-850c0a146714
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6E0A 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8e4a838d-899a-4efd-a99c-2768b5382e44
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9FFB 		0
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
X-Proxy-Origin
91.199.118.73; 91.199.118.73; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
61318309-6f77-43e3-a6b8-8f7dcac6e657
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1F31 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=48f1b102-af27-4a5d-9d2f-36fed7db11a3&expiration=1643649391
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 31 Oct 2021 17:16:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 31 Oct 2021 17:16:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
links.services.disqus.com
URL
https://links.services.disqus.com/api/ping
Domain
dmp.brand-display.com
URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| tieSkin object| html string| htmlSkin undefined| tieSkinInverted object| google_tag_manager object| dataLayer string| em_version boolean| em_track_user string| em_no_track_reason string| disableStr function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagTracker object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag function| __gaTracker object| _wpemojiSettings object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime object| exactmetrics_frontend function| ExactMetrics object| ExactMetricsObject object| gaplugins object| gaGlobal object| gaData undefined| $ function| jQuery object| FullworksAntiSpamFELO object| header boolean| mnIsDark boolean| tnIsDark boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| ldAdInit object| countVars string| disqus_shortname object| embedVars string| disqus_url string| disqus_identifier string| disqus_container_id string| disqus_title undefined| disqus_config_custom function| disqus_config object| _peq object| jetpackLazyImagesL10n object| tie function| tieFlexMenu function| tieLazyLoad function| tieTabs function| tie_animate_element function| tie_animate_reviews object| $doc object| $window object| $html object| $body object| $themeHeader object| $mainNav object| $container boolean| is_RTL number| intialWidth boolean| isDuringAjax boolean| scrollBarWidth boolean| mobileMenu object| emergence object| browserPrefixes boolean| is_boxed_layout boolean| megaMenuAjax object| Modernizr function| TieSticky object| $the_post object| $postContent object| addComment object| wp object| _stq function| loadCSS string| c object| twemoji object| jeengConfig object| __core-js_shared__ function| setImmediate function| clearImmediate object| core function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| jeeng function| st_go function| linktracker_init object| wpcom object| _ldStickyConfig object| _ldAdIdMap object| php_js number| distance number| time object| animationAction function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Criteo object| ggeac object| google_js_reporting_queue object| DISQUSWIDGETS undefined| disqus_domain boolean| _ldStickyRendered object| _peSd object| _peD object| _peE object| _pe object| DISQUS function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| pe object| sas object| apntag object| _ADAGIO object| criteo_pubtag object| criteo_pubtag_prebid_113 object| Criteo_prebid_113 boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16357005882726 object| vglnk object| Adform boolean| __adform_onload function| vglnk_16357005887747

93 Cookies

Domain/Path Name / Value
thetruedefender.com/ Name: PHPSESSID
Value: 9003280608a7839f081a0b120bb87dc7
.thetruedefender.com/ Name: _ga
Value: GA1.2.1373192930.1635700586
.thetruedefender.com/ Name: _gid
Value: GA1.2.2038097024.1635700586
.scribd.com/ Name: scribd_ubtc
Value: u%3D396dd6dd-e78d-4662-b208-3b942f109f2b%26h%3DCOAbLI1Hz4WTtf6LCDqnAkx%2BD23PNgRm4ziHfCePihc%3D
.thetruedefender.com/ Name: _gat_gtag_UA_186892928_1
Value: 1
thetruedefender.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
thetruedefender.com/ Name: PushSubscriberStatus
Value: CLOSED
thetruedefender.com/ Name: peclosed
Value: true
.smartadserver.com/ Name: pbw
Value: %24b%3d16950%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 402008=4645036
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1313506140%3B%24ql%3DUnknown%3B%24qpc%3D76726%3B%24qt%3D25_1767_24818t%3B%24dma%3D0
.quantumdex.io/ Name: uid
Value: 5334c33a-82d9-4fb8-9aa5-1e1021115fec
.a-mo.net/ Name: amuid2
Value: 4ea057aa-ce5c-41be-869e-49846f813135
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1313506140%3B%24ql%3DUnknown%3B%24qpc%3D76726%3B%24qt%3D25_1767_24818t%3B%24dma%3D0&c=1&l=926403020&lo=960306011&lt=637713009869517590&o=1
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.betweendigital.com/ Name: tuuid
Value: 4d6f224f-4400-5330-9268-7736f316b85d
.smartadserver.com/ Name: pid
Value: 4317186085487062099
.smartadserver.com/ Name: pdomid
Value: 1
prebid.a-mo.net/ Name: __amc
Value: 2_1635700586_1635700587
js.ad-score.com/ Name: token
Value: XeseHRXiKARyR-85t7-XwMCKveZlkQNP
.bidswitch.net/ Name: tuuid
Value: b2f4a99e-30f3-4bee-9f25-941ddf052f7f
.bidswitch.net/ Name: c
Value: 1635700587
.bidswitch.net/ Name: tuuid_lu
Value: 1635700587
.lijit.com/ Name: ljt_reader
Value: f33dc8278e5dc37df697c81e
.adsniper.ru/ Name: uuid3
Value: IiQ0ODUxNDgxZS0zYTZlLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.adhigh.net/ Name: gi_u
Value: u6CIhlQkKavG.AikABlF811o8Iw
thetruedefender.com/ Name: pmtimesig
Value: [[1635700587624,0]]
xn--r1a.website/ Name: stel_ssid
Value: aa8c23972158747ce4_17065158402909774172
.tns-counter.ru/ Name: guid
Value: 92876A0E617ECF6BX1635700587
pool.admedo.com/ Name: tuuid
Value: 0c50b2c8-bfb8-4394-b4a6-ef0c8cce0388
pool.admedo.com/ Name: c
Value: 1635700587
pool.admedo.com/ Name: tuuid_lu
Value: 1635700588
.adhigh.net/ Name: btw_sync
Value: ItC
data.ad-score.com/ Name: token
Value: zdVGDRFsjdooy-95c0-ylrbphWOoShhH
.bumlam.com/ Name: suuid3
Value: IiQ0ODUxNDgxZS0zYTZlLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.smartadserver.com/ Name: Trk0
Value: Value=1366485&Creation=31%2f10%2f2021+18%3a16%3a28
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 640c617e-cf6b-4100-af15-3fe960b07d48
.adform.net/ Name: uid
Value: 3594040813065671702
.adform.net/ Name: TPC
Value: 1635700588470
.criteo.com/ Name: uid
Value: cd64994e-0804-4618-a428-f7763e70ce10
.aidata.io/ Name: __upin
Value: mmr8rjtJ/LlFSt6UTtpQ4Q
.aidata.io/ Name: __upints
Value: 1635700588
.thetruedefender.com/ Name: cto_bundle
Value: CSfxAF9OUWN4RzdGZiUyQmNOZVBVVEM2NDhYM2RvR3o0SFAwSFI4MVRHYSUyQlNrcXVxMXZjQTZWWFNrOG1ZNzlqemZhRUlUMGxIR1dCejNLTXBXM3k4RzRBSVFldm40MDhybzBnbmpkUWRzcUI4eGFScENwcklUQkFVNGpJMkVTS3daVkZrMDd1cEI4eG1lJTJCMjk0NHZzWDFFOU5jdCUyRmklMkJscWZhJTJGanhVekF3U1lCbG9WJTJCQSUzRA
.doubleclick.net/ Name: IDE
Value: AHWqTUkrTV2_EM0tvJltREZxjstJoHUKwbZeEuEIokQbg6BKke9tApecm5BDC3miPFg
.betweendigital.com/ Name: ut
Value: YX7PbQADZxgLsmHLi1V-ohVswNmXn-7iUkyVIg==
.yandex.ru/ Name: yuidss
Value: 1644552911635700589
.yandex.ru/ Name: yandexuid
Value: 1644552911635700589
.adx.opera.com/ Name: UID
Value: fec8d82a0bc6457db143c61f4190e43f
.casalemedia.com/ Name: CMID
Value: YX7PbnPFISXP6cwQ-GTN1wAA
.casalemedia.com/ Name: CMPS
Value: 5224
.dyntrk.com/ Name: dyn_u
Value: 03030001_617ecf6e35a5c
.casalemedia.com/ Name: CMPRO
Value: 1143
thetruedefender.com/ Name: cto_bundle
Value: hg1zWF9kUzVOVyUyRmxMJTJCVkYlMkZBdk8zUHB2bFFWbzhmSGdURVFCenNyQmUxbFlYYVI4a1ZneUg3TzhpbU1KaldGNkpBdWRPYzRtRUIzWXdRcWZlUUJPR2tKWXhCVHk5bUdzSG5aek8lMkJOckg2SmNXVjdiNXRsamtrbXJxZlM5V2o4WW93b3pkJTJCalM3Z2FFU29PcXduY2RTTTFqdVk0OGlvWDA0NnNMd0klMkJPdXdVWFF2RlklM0Q
thetruedefender.com/ Name: cto_bidid
Value: D45zlF9XR0I1JTJGcGZYeEV5cGUzQSUyQkZ6MTVkNGh5bkM4dlczb1dRT0Y3VEJYbVBLdzNPOHI2T1Z3UUFad2t6SkElMkZkcXpEdlYzN29jVk1sUHl0bGltNDMlMkZqeGVaaWlPM0RocUpLM2xPa2dwWHpCOE1EVFcxJTJCOExDZjFLVXRWcFlFVzBpc3g
.bidr.io/ Name: bito
Value: AAD8O07C_Z8AABb-5bJB7g
.bidr.io/ Name: bitoIsSecure
Value: ok
.advertising.com/ Name: APID
Value: UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
.smartadserver.com/ Name: csync
Value: 127:AAD8O07C_Z8AABb-5bJB7g
.yahoo.com/ Name: A3
Value: d=AQABBG7PfmECEEDr8TXlxp0CkxW4YC-DZfQFEgEBAQEggGGIYQAAAAAA_eMAAA&S=AQAAAmpc7ywYcBITgY5utFigIdE
.sharethrough.com/ Name: stx_user_id
Value: e37c2af4-a9ba-4a35-856d-3d29520dec47
.analytics.yahoo.com/ Name: IDSYNC
Value: "192w~219t:192x~219t"
.yahoo.com/ Name: APID
Value: UP4a00e9a7-3a6e-11ec-8798-06bcf37db48a
.yahoo.com/ Name: APIDTS
Value: 1635700590
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: id5
Value: 38c117c5-b07b-46d0-b863-f0d1369ee5e0#1635700583306#1
.adsrvr.org/ Name: TDID
Value: cf29c773-4f35-4361-babe-f078b1a40e96
ms.quantumdex.io/ Name: qdsp_uid
Value: 6b94e309-f034-4c3a-9033-357417c31149
.id5-sync.com/ Name: callback
Value:
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwi4triWnaeOOhAFOAE.
.adnxs.com/ Name: uuid2
Value: 2282844342217095484
.ads.pubmatic.com/ Name: KCCH
Value: YES
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjQ1NzE1MQLSQnyGugZRZfEeSWbpJtlJJlK8hmbGpuYGBqaWBhZmlgDg3F9ONAAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjQ1NzE1MQLSQnyGugZRZfEeSWbpJtlJJgCZ39g-JQAAAA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c421bd82-e47d-4518-a33e-828541fe0754-003%22%7D
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmxqbmBgamlgaWAAADTwTTYQAAAA
.turn.com/ Name: uid
Value: 3676441984984804756
.simpli.fi/ Name: suid
Value: D99EFB5B3869475DAB67DD4224E4786B
.w55c.net/ Name: wfivefivec
Value: eb5MUShp1MHerA5
.w55c.net/ Name: matchcasale
Value: 5
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c421bd82-e47d-4518-a33e-828541fe0754-003%22%7D
.casalemedia.com/ Name: CMST
Value: YX7PbmF+z28A
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YX7PbwABEEdbxQBR
.eqads.com/ Name: EQUser
Value: UID=48f1b102-af27-4a5d-9d2f-36fed7db11a3
.casalemedia.com/ Name: CMRUM3
Value: b0617ecf6e05a00&27617ecf6e0b40&03617ecf6e2760640c617e-cf6b-4100-af15-3fe960b07d48&82617ecf6ea8c0&29617ecf6e05a0&28617ecf6f276048f1b102-af27-4a5d-9d2f-36fed7db11a3&2d617ecf6e05a0&c4617ecf6e05a0&ce617ecf6e05a0&39617ecf6e05a0&2e617ecf6e05a0&e6617ecf6e2760&bf617ecf6e05a0&58617ecf6e05a0&98617ecf6f2760819e74f5-af01-4d34-a503-5cd241bf61d9&2f617ecf6f2760eb5MUShp1MHerA5&f1617ecf6e05a0&49617ecf6e05a0&6f617ecf6e05a0

11 Console Messages

Source Level URL
Text
network error URL: https://de.scribd.com/javascripts/embed_code/inject.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Message:
Access to XMLHttpRequest at 'https://links.services.disqus.com/api/ping' from origin 'https://thetruedefender.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://links.services.disqus.com/api/ping
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://thetruedefender.com/breaking-news-mesa-country-colorado-2020-election-reviewed-they-found-thousands-of-ballots-contaminated-2020-election-must-be-decertified/
Message:
The resource https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/10/Capture-350.png?resize=377%2C219&ssl=1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
acdn.adnxs.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
an.yandex.ru
ap.lijit.com
apps.sascdn.com
bidder.criteo.com
browser.sentry-cdn.com
bttrack.com
c.disquscdn.com
c0.wp.com
c1.adform.net
cache.betweendigital.com
cdn.connectad.io
cdn.jsdelivr.net
cdn.viglink.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cdn4.telesco.pe
ced-ns.sascdn.com
clientcdn.pushengage.com
cm.g.doubleclick.net
cmp.optad360.io
connect.facebook.net
cookie-matching.mediarithmics.com
cs.lkqd.net
d.adroll.com
data.ad-score.com
de.scribd.com
disqus.com
dmp.brand-display.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
gu.dyntrk.com
gum.criteo.com
html.scribdassets.com
i.cdnkimg.com
i.connectad.io
i1.wp.com
i2.wp.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
itx4.smartadserver.com
js.ad-score.com
lbs-us-east1.ads.betweendigital.com
links.services.disqus.com
lockerdome.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
ms.quantumdex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pixel.advertising.com
pixel.wp.com
pixel.yabidos.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg.smartadserver.com
px.adhigh.net
referrer.disqus.com
rtb-csync.smartadserver.com
rtb.adpone.com
rtb.gumgum.com
s-f.scribdassets.com
s.amazon-adsystem.com
s1.adform.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
ssp.wp.pl
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
std.wpcdn.pl
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.targeting.unrulymedia.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
thetruedefender-com.disqus.com
thetruedefender.com
tlgr.org
token.rubiconproject.com
track.adform.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
useast.quantumdex.io
users.api.jeeng.com
visitor.omnitagjs.com
wa.scribd.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.scribd.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
xn--r1a.website
dmp.brand-display.com
links.services.disqus.com
104.154.142.214
104.16.201.58
130.211.115.4
142.250.185.226
146.20.128.142
147.75.61.140
149.154.164.25
151.101.2.152
151.101.2.49
151.101.64.134
151.236.71.19
169.50.137.190
172.217.18.98
178.162.133.149
178.250.2.131
178.250.2.146
18.213.10.151
18.66.139.91
185.184.8.65
185.255.84.153
185.29.132.241
185.33.220.242
185.33.220.244
185.86.138.144
185.86.139.58
185.86.139.59
192.0.76.3
192.0.77.2
192.0.77.37
192.132.33.46
193.0.160.128
194.190.76.38
198.47.127.19
199.232.196.134
199.232.198.49
2.18.232.130
2.18.233.180
2.18.234.21
2.19.35.65
2001:678:cb4:bbbb::11
2001:6d0:4001::226
212.77.98.32
212.77.99.29
213.174.135.36
213.19.147.45
23.79.143.124
2600:9000:223c:4e00:b:6268:b880:93a1
2600:9000:223c:7800:6:b871:4f00:93a1
2600:9000:2240:2600:6:8656:f5c0:93a1
2600:9000:2250:ce00:a:deb0:3380:93a1
2600:9000:225e:7400:11:a4de:2580:93a1
2600:9000:225e:b600:a:cbb7:a940:93a1
2606:4700:10::6816:37ce
2606:4700:10::6816:39ae
2606:4700:10::ac43:2ac6
2606:4700:20::681a:842
2606:4700:20::681a:8a9
2606:4700:20::ac43:49e4
2606:4700::6810:4036
2606:4700::6810:5814
2606:4700::6810:a40d
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c09::9c
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00::210:ba0b
2a02:26f0:6c00::210:ba29
2a02:6b8::90
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
2a04:4e42::729
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3605:dc78:e42b:b41a:32a0
3.120.169.248
3.125.99.7
3.126.56.137
31.172.81.158
31.172.81.160
31.172.81.172
34.237.93.25
34.254.122.11
35.210.53.219
35.71.131.137
37.157.4.25
37.157.6.234
37.157.6.251
51.178.20.140
51.38.120.206
51.68.57.71
52.16.229.21
52.19.99.3
52.46.133.124
54.36.109.22
54.93.151.69
54.93.162.63
69.173.144.138
72.251.249.14
82.145.213.8
89.108.120.68
95.216.186.40
96.46.186.57
0111ef8fb7bab66f02ebb76acf1c20ebff86c7eddef1834b50529d3396410c26
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
077402b5b4b792f52e20eeef8feb0da5d6620b55867f232098431d67e6323d6b
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09255fc220032ea7ecb474d0b0b6daffccade6134caae15332892691465788f8
0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
0c72367fb62461ccb6894d279505a5bf0016c186b025148d8f5035b3b1e5d2a8
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f661b180cb5ec06a2458d8be5c013a37abe06a0d446945709010132ca813d15
112c2415c92b2848b6a960a0c13fe10ae2380423b49a258b14a11be9ff9d40a1
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
153efa2423e6a62d1546026da53158d5fd77d1ae25d8d258b8b2dc131296d017
15deefc3d77630e6de98c0d791608e8794e25ab2b524c9904ff0d4dd399f63e0
15f0f05adf60294a3eb044c7fcd6321b8b56b6613364e2d006ef8fdc03e22869
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
1b9d5a62513a369a10224f1dc73a463dc165eb58bd798dbb4cb4810ca2b5c79f
1c76aa98178168a1d4b90773f659cfd410764fe8f218a37c74a6fbc4e64f15ec
1e5a7b00e433692575acc609801b152c00a19cdda2b3465288c4b0a2666d5916
201531608a77917e84bf96bc44aec6def53c7ef5afa4aee18a9cafdf266e73b9
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2349ed37ef59d58fb45f4e4997bf39b1ddfebc076de09c92625548bd525c9ed3
23b800e029b29e46cec33c547cda6c13c22b8db4e46af74cbb929fdf68605764
2414cfaa22a8bfa4294324bc0e1e9e9fb193a6f310149502eebf0151c81d1c5c
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e
2592b4e46e8af0af3a6d226a426ab1eeff99edd04bc7d064317f0c01717df7fb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2884141abdb3f4d44e370687203e652ce033eb89ef2bdd1a4f4a2ada10ffcb87
2892a779cee25c3a681f6c8d4c779f0e8632741aec6485a87da48000d84b96c5
29998f7198a07a57187a4b8b860ee22cda8b775c3e81b79ea964ed200fe307a0
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b78b31a729a68c37ae8a5d895f9ab84fc75af20064738dca3f72f75a0737b29
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2ec34e53b0a6ab6f03198469fe0b957729d764a3e8136e84c376bf98fad28203
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3531ba4312b55e897b3a54387787ea321c76f2a0627a505f1a14798ec6acd966
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38734127be941ba31d63acb2b27a45a4cf75e614b12e91b1402114353597449a
38d40d88f49d568e2d16c0de60d40e8b382950b3471752f9d0fb1c4c430ee326
38e88c18b2417af068082949fed9fe1b2933be00bb111b626868e51cffa567a4
3957a54799bf6ef657934607e52d99c1f0355063a1e3ceceeb56729135192e75
3a97df53baadc7f20a3ccd6bb9c6b5fab12ce7efaab6ca0987be6c62489b2dc2
3ac2099f44eb019707c946e2f80999b03498e38e9b25c73531ed708d3b12a227
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c0b0127a2f389842240f949e12df8c30bc6c672a688e769689e52d26546a7d6
3d1480c2cec9d0db461f8d47c04578870d8dfb499156f44df17d5ece6a9bb771
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92
3ebeacc7e432084b5124e56d124b562b06368b78c039ebfdb36635b4399d6746
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4173a569c934a99a52feb01c07751fa1aaf8a270ee5ad3ac2c5dd756ec94210a
42c46bb93dd1418df72a15a8c931c3f186c9509013375d549c1907607922fba8
43a1d8634c554733a119de3c9f39e0dc78c378e4660e4c587c17c85650439ca9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
459d818b11ea6cdf2fe2d5bc5dbbd92f685295bb2a17de42959fd0f7ce3e4b0e
46385562d9721aabc08ec929d9db7be598eab6db24819b974d375b77e7d5e6f6
479d2d253d0a752d6e3f42cf1e5e4754a591e1ba34e2d222490dc699c8117315
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c927b8902d4876649f77212df673acdbd79d8b81f0d8ce0c922d661eafa64e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d5d18946a1db5fd28a256f3a251ce56149ee883f6be8b87b0ad81b9c8ed2181
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
4d99f2c1e6fde96e2c2308b915e4da16aee198a8d8f86b9350676830544b66fa
4dba1e011745c1bec0b32691b466bf85c8972935bdb186a45fc96296136b23d8
4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
543b56d6bda08078596c947ee83549aeb163015a44146611e3521ed5a9274cd4
545b608766998096c6ae7b0954d6b7a13a1df1d95d9542bd07a2a01896c9f2fb
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553b5cd1a2a3f3768c835a1228c4c5680df0ba1d9fcf0981c5de2e37b56a78dd
58e72f07fdab7cafa4c5a22801bf0151fc7f8f6023e7ce8846cce5a4f66407cd
5909df2b4cb3a39678fe479dd86dcbbd1db58d721625d5ae67442a832333bfd1
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f259fd86ae2dbac357300c2597ae887054c779ec74f17775009131d133bf916
5f48401d810df54d8c06bd7a85a69b65e5403bab8dcb8d7e919f3d31247e5460
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61
64ad4ae3bb1addf515c321513b1ff54860984fbd21268fe480f09e339db35718
6537bddcfb2e50c47ec4d41857f7bd23f557e53b8787e607bc839eb8e5d76620
6583cc62c29e5bab8a683b7ca1c7d52c9db246bb9b29bbd9f9c3e2dfcf9eddfd
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
679f76b44a08ca36fcd217d02b6b4b9246c7b664fdfaa1a6d0dfb4eab4dd409f
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240
6a22fea0d1ce530da5d5278227de19dba8563a6416f093e1b177f08d805639c2
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b108ca56423e79d6695014ec2c072a4604cb8b5d2bf81fbcd50adab2e28de1a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382
6c93fa5f72512e106a5d3ebb02267e78c35f46e2def56ba782b68035832bce69
6d7bf2b801bc5f1a75cd37efc373b3d8d7de99ecd963112e306b4bf4e9005ef2
6db623175e53f8a8fbe0dd0b9ef38213bfffab51835c940b2ff705514b3bee9c
6fa4798ccff41e087787bf30167254d75eac0019aab0cf06ed2023ce45ff3f72
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
725bbf672ea72d26044d1cfc6913fade311e7a1b46d15839b34d551398251856
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
7498c2496b7965559570f5931927218ce4229ecbc8b5042f7b1dbb8219c431a7
79c1f9f5001ed4be018b8adf92faa9e5d5e7021ce8371211aae6f87b5f77bb48
79e34e8ea066913d88be93b8462be752ccd77e639161c8262d64cdafd886b093
7a58c121b6a25c9108b8f9a6528ca08b80480c5f411c51a1b184987c77dc72a6
7af53d7077c16f6ad9efd63a975749c4835ce6e495c337fa4176f15ed385f80b
7b91a70926e4e5af3aebfe41b5a607abe3b127e6bcc61f83b843f2100959d5fe
7cab66a8b18e995ab4f2a12c8805b4874123a1f838fe32f0749c403883e999f5
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
80b5f56879cce5196b2c10bf238bd7e83df53c26ecf581637249d0ff8c28d770
80e633f45105746a0d83f8adeed7d3d65f6fb9bbff8f87df5413eb260d169297
81e6a229e6d54d5353a5b2f4e61603327e2c6492d75bbb7f1d31e6add1a4ae5d
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
82e4606ac62675946dbd0cfe4aa7a30e5a56d3c3688514189bcd7d4871222310
82ff4455c684dc06d7c2a3531129f7900085f0260c188d67215dc7b9b9d61b5d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856a60a1ff6e8bfd22a22e794ff065cef2cd11832014b480b3493f92bbe767cf
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
896c744a565081042d2ba4e8675474625c8080e878834974c64cedd917f07630
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b918677b3b3691728ff1f45edafcd4c0ee5653fd2812f79f27a253913837ac2
8cd5cd3d1ea346788918230fbf2f5bf676338538cb9ba53eaf034c64f1c7d3bc
90a3d019cc1e15013ed9beddba8b60cdc235d3ff7a14003843e6dfe033cd44ae
929c52d2638faf880134aa864029253d4d804e8a236ece998375f05e9a2f8bfa
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
97d5aa458ae622677dbd0e091aca9796aba8b99ce226aa081b8f518390e23c3e
98c89a5b22452f0eaebb193320aeecd474794274181c61504e3b75de313c7558
995336a0cc4fea8844aa379cc2df08a6c4b0604f0e3e72d9296f4edcae4259b0
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a
9a30ff072ee5be826e1be90c423ff992e732f9b9d729afc39c3e12fe0b3f6783
9e3bec5a0e6159e2dc22dc4fae2d61909f0e95a7f12b9a1e36b1a72418136de8
9e82ea633f25bdd3a5f4d9a076d0f03f5d6fb67419a14178a0222f8b6b642424
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a008ad674f22dc48af9ca67bf7c4d2496a5d87a2cf71757317e9b98905c3609d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a250e817735f3c884d276fd448678d9b9da75e622d4d8cd26cfeb4d0ded83945
a4908fae9cef98248dce6da83884d04c7a2976a803b362c06d34c41494a92b81
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6
a81e65bd964a3fd5f86f19e08985b0e4e89ea350d0d0bc54b50e4a6fc90ac12e
a930f01f1e0a5624038faac6bf24dea94ccb9eeab93434aa1b63a0ec3d170909
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
ab8834afc3e65fb847fc9bbce9668c938579cf0fd2fd7d3134127e2e7d554601
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c
af2e8356515db2140823997c9fe0f10ed5e06d4b47beac80ec9727488e2a3b63
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94
b03a87f179ef9c572383188c376c2aba16eef1c429f91cffb5e670f77b55a995
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19b9e1c13db650045da6731522c1b57b4ea0aef5544c5d4e1bb4704ba120385
b27e0fd58dabc8c58c7944cfda0a7fcdefcab27547fbe4d939b27d93af483ca2
b310f6ca0d12500d3d264aa9cc241256f55d65dbdb782485b5bd542d8ff97a8f
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886
b6456a16f349bc1ea5a1fb056211f3cd00e15e1a0b243190ff45df4b4144de01
b8df22dc9f2226ba734d2dd89f5cf037988e844a193023c288e606016d15eeb7
b9cd3d28d3be36021550a51ce1d85ce63cf1385383b48481981da767d6a6ba8d
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bae3305d5151d595126e6dc587caf9a0b5d9b118789e5466674d44ead9799a9c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf28014f1ab4de1fa3aed507de5b74699a6f56edf69dcdff20e40fb834086836
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172
bf7cf40cac4303c84fe1f2023fd8905b9b6e91fc6d37d1b50d12acd3e418ad5d
c0b855fed3e7cafbb0871bca42a9e4f802530cf772f84a76e09715274731aeff
c13f4343057b1604680dbed0d79ec51562e07af6bc7ab2c4945acaed38806baf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c3120be07fb8b5daa12790c9f7dc4f1ebf5d5edbaedbab6bd93ad4a95983e1e1
c31acb5a1bfd3279d02d72ee15f789cf17d5a3b7aedbccfd69c7fd0c9231249f
c3d8f1101a790ab1233144c17ffcd9e31d648cd90a92cd96fafe64522b1916e0
c49d7715f024a12aa4586d931b6bdf086d68555281295024422693dae428b86e
c4b37f1d3d115af57eb2f1c45ddd3b2034d256946545f2a5490878606c47adbe
c70e3c0db90a8461e326b4ef6759e9250f3acb722bfb2db60302d284ca13a7f6
c75429499f420d0994f7d0ed1784189a42968efae2155f18c7ab74f5d92203c2
c7a5f6507f395b607ab3e05cc7dfc92951e54438e5a708fc10e2f40cd3d0fddb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce26ce80e2600bac966a056baf7f56e2846350d5d3674d8a2a01adfc4700c329
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf943527b414f179951550393514f51cc9549bd3aaf9f1814848ad96f9230372
d1989f177fbcc173e6e522dc9ff05ae589e0286b7de58cca0b59145cbcea6079
d1bb89b263061363ceb33944389da5dee8d2c2f13e98f02b898d6dc06b25b4ad
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d47e461661eb4536ac06275581c61f2abb9fb63dfbbbc4dc7aededdd013676c9
d4ecfd33a764bcf8026c73b1e55243f5a4166aec0104672f433b1d4d8a6fdd2c
d507d08b7453a068eb998065bc88b8413785843fec5af9643bcbdb9c4fdb3e03
d712796d188539ac294a0dd7a2d0b2770cbaca32d836863fd2565e6b39ae5f52
d845900b944d52aaef9f31d5b79d408b9245c8696511726da5d3686c2cac8df3
d8fd520c40e5e323e360e6efdba7b051be14aa97fb1ab63ac163e0dbc9d86c59
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
dc07f1787431129ff7835307a46dfa4f382e125c6664579be53a343ef89f3d90
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dde8d8d5c56eb93e433b3b333cb6cbab4e98448622c6738f28264f66657164df
de238755e9ae7c7a3453b4093b666de0630eca0cfb451d850997373b1e1cdce8
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0f1558405a2cbc294e27c29ef74942d7af07d762e9dbfd3bf53dae4774617b7
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e202fed30124e0962ab5ac656898319d788869f8d72e3219b7228e19d74aa3cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c0d3f10fb833e44884b8f06a8d50ace01f1bfbeae008e7fe7b7fddf6e9bbe4
e5296b102ae5e69960002cccb13aaa87ab687b2f7ef0571967d618a6974fc692
e561818dbcfdc36bd303e31a62735f68011399640bcd7210bc03ac27293b4780
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e83944ba659d994bdee15b8cf66fd6eff4904c38e273e8f2c97ec9d3288b6944
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e856293f0bfd6bee2a808701afc266d9b70995c66fed88a78583a304c1a67a2c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9020c4c53ca9b85fff4e05ef42fbc1d0004cf8c2eb78fc98b0c8b7dc1d1bf79
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
ed766581eaee6de6f81cc5918788b5d63094d90e355900403c5b4be8afdb4e74
ee08d817990b89848550e8b854c9bb72f4f53dea24605614515d409f256b899e
ee78168e1a14c845c88224351da1c3e9156ad9b4d696284946cc7a1f7cfd2635
eed96f3e590c532b46981bb0a80b5d2e873c751ce6c2dc73dec17b4d580275ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061
f1c5564219bf188b434ac5e705dd1a2500ddd6aa9703da677ab51a7feb25fd5c
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3bcdfd986f5f85973e253da2fb39abcb04f5b5f98a76328e0f47c82de7d7fc8
f4d2dfe768bb0b363d4b19583900693345663d01a44b146af0c064dea7fa7dd9
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
f6d836acd1e04a5a600e876f874a681d1590b961b051390c62b61fe6d8570f0b
f857300ed4558852467fa6d67eb9808e45ebb6d5442241944e6aa0844f38f98a
f85efa80211cd1ab15dcd18887187eaeabc76669b456501c41da854e3621bbf3
fc48ff7ad0cfd1ae65cf7bb2f535b713e18ea29726b79b2974a8a205321d3a41
fc8692c03ecd72d74873bd79e589f6e29f1fdf7c5a25109ac8daa50250cb8ba9
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c