urlscan.io logo urlscan.io
SecurityTrails logo

www.investigationdiscovery.com Open in urlscan Pro
18.66.122.48  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.investigationdiscovery.com/
Effective URL: https://www.investigationdiscovery.com/
Submission: On November 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 19 domains to perform 60 HTTP transactions. The main IP is 18.66.122.48, located in United States and belongs to AMAZON-02, US. The main domain is www.investigationdiscovery.com. The Cisco Umbrella rank of the primary domain is 539579.
TLS certificate: Issued by Amazon RSA 2048 M01 on April 30th 2023. Valid for: a year.
This is the only time www.investigationdiscovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    18.66.122.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-80.fra60.r.cloudfront.net
www.investigationdiscovery.com
5    18.66.122.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-48.fra60.r.cloudfront.net
www.investigationdiscovery.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    18.203.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-109-165.eu-west-1.compute.amazonaws.com
global-prod.disco-api.com
11    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
20    3.219.156.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-156-13.compute-1.amazonaws.com
us1-prod-direct.investigationdiscovery.com
5    54.76.71.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-71-108.eu-west-1.compute.amazonaws.com
dpm.demdex.net
scripps.demdex.net
1    52.30.96.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-96-55.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    143.204.98.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-91.fra50.r.cloudfront.net
us1-prod-images.disco-api.com
2    54.78.254.47 (None, )

ASN- ()
loadm.exelator.com
1    2a02:6ea0:c700::11 (None, )

ASN- ()
load77.exelator.com
3    172.217.16.130 (None, )

ASN- ()
cm.g.doubleclick.net
1    151.101.2.49 (None, )

ASN- ()
rtd.tubemogul.com
4    151.101.66.49 (None, )

ASN- ()
rtd-tm.everesttech.net
sync-tm.everesttech.net
1    104.244.42.131 (None, )

ASN- ()
analytics.twitter.com
1    3.229.230.187 (None, )

ASN- ()
usermatch.krxd.net
1    54.72.15.103 (None, )

ASN- ()
beacon.krxd.net
1    2600:1f16:e61:3f00:6418:3db0:a56e:6f03 (None, )

ASN- ()
dmp.v.fwmrm.net
1    35.244.159.8 (None, )

ASN- ()
us-u.openx.net
1    2a03:2880:f173:81:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
Apex Domain
Subdomains		 Transfer
26 investigationdiscovery.com
www.investigationdiscovery.com — Cisco Umbrella Rank: 539579
us1-prod-direct.investigationdiscovery.com — Cisco Umbrella Rank: 368886
1 MB
11 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 562
31 KB
5 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1275
rtd-tm.everesttech.net
sync-tm.everesttech.net
1 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
scripps.demdex.net — Cisco Umbrella Rank: 28251
7 KB
3 doubleclick.net
cm.g.doubleclick.net
1 KB
3 exelator.com
loadm.exelator.com
load77.exelator.com
2 KB
3 disco-api.com
global-prod.disco-api.com — Cisco Umbrella Rank: 144914
us1-prod-images.disco-api.com — Cisco Umbrella Rank: 57954
270 KB
2 krxd.net
usermatch.krxd.net
beacon.krxd.net
528 B
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 225
952 B
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 506
p.typekit.net — Cisco Umbrella Rank: 621
988 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
1 facebook.com
www.facebook.com
883 B
1 openx.net
us-u.openx.net
264 B
1 fwmrm.net
dmp.v.fwmrm.net
460 B
1 twitter.com
analytics.twitter.com
394 B
1 tubemogul.com
rtd.tubemogul.com
269 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
47 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
60 19
Domain Requested by
20 us1-prod-direct.investigationdiscovery.com www.investigationdiscovery.com
11 js-agent.newrelic.com www.investigationdiscovery.com
6 www.investigationdiscovery.com 1 redirects www.investigationdiscovery.com
4 dpm.demdex.net www.investigationdiscovery.com
3 sync-tm.everesttech.net 3 redirects
3 cm.g.doubleclick.net 2 redirects
2 loadm.exelator.com 2 redirects
2 bam.nr-data.net www.investigationdiscovery.com
2 global-prod.disco-api.com www.investigationdiscovery.com
2 fonts.googleapis.com client
1 www.facebook.com
1 us-u.openx.net
1 dmp.v.fwmrm.net
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 analytics.twitter.com
1 rtd-tm.everesttech.net 1 redirects
1 rtd.tubemogul.com 1 redirects
1 load77.exelator.com
1 us1-prod-images.disco-api.com
1 fonts.gstatic.com fonts.googleapis.com
1 cm.everesttech.net 1 redirects
1 scripps.demdex.net www.investigationdiscovery.com
1 p.typekit.net use.typekit.net
1 use.typekit.net client
1 www.googletagmanager.com www.investigationdiscovery.com
0 sync.search.spotxchange.com Failed
60 27

This site contains no links.

Subject Issuer Validity Valid
*.investigationdiscovery.com
Amazon RSA 2048 M01		 2023-04-30 -
2024-05-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2024-10-21		 a year crt.sh
*.disco-api.com
Amazon RSA 2048 M01		 2023-09-18 -
2024-10-16		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.investigationdiscovery.com/
Frame ID: 4C8EE190A12AB4A123E7F45A8BB72047
Requests: 38 HTTP requests in this frame

Frame: https://scripps.demdex.net/dest5.html?d_nsid=0
Frame ID: B291F676E787F0192EA0594B988CFF58
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ID GO - Watch TV Shows Online

Page URL History Show full URLs

  1. http://www.investigationdiscovery.com/ HTTP 301
    https://www.investigationdiscovery.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

60
Requests

85 %
HTTPS

32 %
IPv6

19
Domains

27
Subdomains

20
IPs

3
Countries

1549 kB
Transfer

4735 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.investigationdiscovery.com/ HTTP 301
    https://www.investigationdiscovery.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://cm.everesttech.net/cm/dd?d_uuid=45891187695599820234558001688678688693 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVsF0QAAAGQ_tQO-
Request Chain 49
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=45891187695599820234558001688678688693 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=45891187695599820234558001688678688693&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 50
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDU4OTExODc2OTU1OTk4MjAyMzQ1NTgwMDE2ODg2Nzg2ODg2OTM= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDU4OTExODc2OTU1OTk4MjAyMzQ1NTgwMDE2ODg2Nzg2ODg2OTM=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPR-CeRwG2BM9t38tITiEJk&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 51
  • https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZVsF0QAAAGQ_tQO-
Request Chain 53
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=45891187695599820234558001688678688693 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=45891187695599820234558001688678688693
Request Chain 55
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlZzRjBRQUFBR1FfdFFPLQ==
Request Chain 56
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVsF0QAAAGQ_tQO-
Request Chain 57
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZVsF0QAAAGQ_tQO-&img=1
Request Chain 58
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZVsF0QAAAGQ_tQO-&t=2592000&o=0

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.investigationdiscovery.com/
Redirect Chain
  • http://www.investigationdiscovery.com/
  • https://www.investigationdiscovery.com/
73 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-48.fra60.r.cloudfront.net
Software
/
Resource Hash
51ea8415e15e7fe3c29a15de3177167895f7b40d6377d38bc027aae7c5ed673e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=60
content-encoding
gzip
content-type
text/html
date
Mon, 20 Nov 2023 07:07:56 GMT
etag
W/"6544edfa-12219"
last-modified
Fri, 03 Nov 2023 12:56:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains max-age=15724800; includeSubDomains;
vary
Accept-Encoding
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-id
lee0PX9ZZnP_buqunItIRqL0Oy9RHeNLeG2_iqvnu7O9uhVCRkXw8A==
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Mon, 20 Nov 2023 07:07:56 GMT
Location
https://www.investigationdiscovery.com/
Server
CloudFront
Via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
-lB6jRmaSR21Z0SKMYsVMOsOhmYrHxejYVtEn5jrg-ZXJOBshuWO_Q==
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Redirect from cloudfront
11.1dda5165f8997f2f7015.sha.js
www.investigationdiscovery.com/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigationdiscovery.com/11.1dda5165f8997f2f7015.sha.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-48.fra60.r.cloudfront.net
Software
/
Resource Hash
8bd6dd0e3bcc9860749af884ec13f6a759fb2e55de63a3216182e420dd9a6844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:07:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
x-content-type-options
nosniff
last-modified
Fri, 03 Nov 2023 12:56:26 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
etag
W/"6544edfa-11298"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-id
EJnF1XSTgV1CjmfD0JQSwk0cUzZ0a8gAaDHbI-VALuKKfS1EpWXVlg==
main.0fdf2052609e5bb7958b.sha.js
www.investigationdiscovery.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigationdiscovery.com/main.0fdf2052609e5bb7958b.sha.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-48.fra60.r.cloudfront.net
Software
/
Resource Hash
b46656a147ead92566b61ef239345f75a7e5b57ed6fbe06755453ad935dc0fd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:07:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
x-content-type-options
nosniff
last-modified
Fri, 03 Nov 2023 12:56:26 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
etag
W/"6544edfa-26bf"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-id
I07HhCIEOxNHhGp-nZrpfk-I9Gp_b908y3EtUmMDpj7foMOjLxw1Xw==
gtm.js
www.googletagmanager.com/ 		127 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-544SVFJ
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74e0e67d33c44fd560b672646fdf338aa51d54533796639d3074d15de9cf4dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:07:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47535
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Nov 2023 07:07:57 GMT
css2
fonts.googleapis.com/ 		29 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c9cc8e33a15d6f739e16ec44ae2cd8907a4ec6201386bf9cca6a85a53103168
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Nov 2023 07:07:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 06:42:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Nov 2023 07:07:57 GMT
css2
fonts.googleapis.com/ 		27 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 Nov 2023 07:07:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 06:24:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Nov 2023 07:07:57 GMT
ple4uwa.css
use.typekit.net/ 		1 KB
816 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/ple4uwa.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3787e64b2ba0bd1699932a4acd90fffc190cdb01c71442eb0365150845c900de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 20 Nov 2023 07:07:57 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
593
423.584bb69ec60bcee2e3ff.sha.js
www.investigationdiscovery.com/ 		3 MB
903 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigationdiscovery.com/423.584bb69ec60bcee2e3ff.sha.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-48.fra60.r.cloudfront.net
Software
/
Resource Hash
1ef1f0512e28b1a23f1bb8c2bbda2c33539e15b5e2587a0787bc1ac0c0c222b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:07:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
x-content-type-options
nosniff
last-modified
Fri, 03 Nov 2023 12:56:26 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
etag
W/"6544edfa-2fd50d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-id
p-IWyqpqpHbDMayzPYE8HRcoJXao5bx5OpT3mXHYjsb9_a-lF121aw==
407.d9ad47ff87a7773b5a87.sha.js
www.investigationdiscovery.com/ 		939 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigationdiscovery.com/407.d9ad47ff87a7773b5a87.sha.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-48.fra60.r.cloudfront.net
Software
/
Resource Hash
87e286fac915962ba6ffff7697800e364d0bc3020c5db8d62e305226f195ef38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:07:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=15724800; includeSubDomains;
x-content-type-options
nosniff
last-modified
Fri, 03 Nov 2023 12:56:26 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
etag
W/"6544edfa-eab3b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-id
9oChLkWZ01XmATJGbpz1k31wc-qlz-S66-4ZpeyocNVi1rR9Ike-tw==
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=ple4uwa&ht=tk&f=44428&a=27519086&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ple4uwa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:07:57 GMT
last-modified
Fri, 14 Jul 2023 12:44:32 GMT
server
nginx
etag
"64b14330-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
bootstrapInfo
global-prod.disco-api.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://global-prod.disco-api.com/bootstrapInfo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-109-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-disco-client,x-disco-params
Access-Control-Request-Method
GET
Origin
https://www.investigationdiscovery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,X-disco-client,X-disco-params,X-device-id,X-device-info,Accept-Language,X-gisdk
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-max-age
31536000
content-length
0
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
bootstrapInfo
global-prod.disco-api.com/ 		306 B
459 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://global-prod.disco-api.com/bootstrapInfo
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-109-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
45c7343b3d889cc5f681a8ad1cd0385b42ccb1d848ac2163d133ffbed89c6cb9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:3.10.0
accept-language
de-DE,de;q=0.9
X-Disco-Params
hth=us,bid=ids,hn=www.investigationdiscovery.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
https://www.investigationdiscovery.com
date
Mon, 20 Nov 2023 07:07:58 GMT
content-encoding
gzip
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
content-type
application/json
async-api.61caf4d9-1228.min.js
js-agent.newrelic.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/async-api.61caf4d9-1228.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
LPytohAJAh6bTW3KLhmsI_b7W18e_Wdl
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
3NZ2WBZVQ8MFYF1R
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1172
x-amz-id-2
ZfwxW3uwcy3w5Ghg+CYvXZiiF/gyc6LFL6w8qksgA5SvV6mRu/OlIRgvQfKW40VB7EyfcwDYQys=
x-served-by
cache-cph2320045-CPH
last-modified
Wed, 18 Oct 2023 20:57:43 GMT
server
AmazonS3
x-timer
S1700464079.785972,VS0,VE0
etag
"5a15fa90d5c9cf59729e937de488758b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
16999
lazy-loader.37550b27-1228.min.js
js-agent.newrelic.com/ 		928 B
913 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/lazy-loader.37550b27-1228.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
7HqxWiqtoEFSWhHz5dK4KokyBUh3tOtc
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
3NZA4ZS3Z7HEYDDK
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
398
x-amz-id-2
7DM2FuSickXyKB9GHkByDJwky+JoRly6n/At1ij3vkTcbHwwRxVPauCh0LSwl/zvrSpjGuRMo84=
x-served-by
cache-cph2320045-CPH
last-modified
Wed, 18 Oct 2023 20:58:28 GMT
server
AmazonS3
x-timer
S1700464079.785966,VS0,VE0
etag
"b6eaf4dad9b3e3384b0e9366ff9d0080"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
17007
862.e74e95d2-1228.min.js
js-agent.newrelic.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/862.e74e95d2-1228.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
UnyfMeNdMYj2ASKWwFUciQH_hu5.46xy
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
3NZ7B448VA5P1JNM
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3444
x-amz-id-2
bdR2aRRYw9JBcpRHQW6oUaH+82TMfrEwB+cNtBBUGLKEJ5vU3ph6VnqoU+NXTtI+tAGtsMqZSOg=
x-served-by
cache-cph2320045-CPH
last-modified
Wed, 18 Oct 2023 20:57:12 GMT
server
AmazonS3
x-timer
S1700464079.823021,VS0,VE0
etag
"ff02f82193fd2ec047cb131aa65a0dd8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
17035
page_view_event-aggregate.46b69e61-1228.min.js
js-agent.newrelic.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.46b69e61-1228.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
5P_qhDJlyZglLnAAqltYb6l3SHfyUg1K
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
3NZE2QD7CNCZ22W3
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1795
x-amz-id-2
4DRMYNGEEq1udXYd1ygEMjH5QTyr5GxPlCqaZQA8g4/J/0dypAfBCPCTd/KZ3ZPwfwwP1HbyzYU=
x-served-by
cache-cph2320045-CPH
last-modified
Wed, 18 Oct 2023 21:34:36 GMT
server
AmazonS3
x-timer
S1700464079.823419,VS0,VE0
etag
"75e56b9529bc3582d1ee120d4a1d49e9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
16994
page_view_timing-aggregate.ced8c919-1228.min.js
js-agent.newrelic.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.ced8c919-1228.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
_Wixry6heoAl_oPjMI4VCyoUTinmSEJq
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
3NZ76WRY8ESK0Y3Z
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2305
x-amz-id-2
vJBZ2OOoOHWUAdv6MOETsH/lc0HioBrr5e11q2FoypXPCbYHDstamiMKz2lRgsAeuNMa3+3qi9Y=
x-served-by
cache-cph2320045-CPH
last-modified
Wed, 18 Oct 2023 21:34:59 GMT
server
AmazonS3
x-timer
S1700464079.823405,VS0,VE0
etag
"ddb946a277f5c644d555e8e1bcf23b77"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
17009
metrics-aggregate.56d9a464-1228.min.js
js-agent.newrelic.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/metrics-aggregate.56d9a464-1228.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
n9y22TX5y5x49OvkzlAJIRIrXs91.2as
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
3NZ08SQV7VS2DCBS
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1823
x-amz-id-2
Gf6I3e8/cu+g76Tt+DAvEPw8u2oyBg7CRUPefQyBDh+biYTdSed327WWfJ4oPamlnALfa/Bfbi0=
x-served-by
cache-cph2320045-CPH
last-modified
Wed, 18 Oct 2023 20:58:41 GMT
server
AmazonS3
x-timer
S1700464079.823684,VS0,VE0
etag
"04475d81e10a8c7213d39d14e581c599"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
17031
jserrors-aggregate.64f61365-1228.min.js
js-agent.newrelic.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.64f61365-1228.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73e9fd5d1e48f63c04fc67135326a3e83eb635050aab2536c39dfa9e8989e269
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
cV_59IFoxGCu4ZReYNMW6_WaRyh6edwK
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
3NZ3ZARBZPN8MBGF
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3075
x-amz-id-2
wWntbvAsdCP2EZ3ypzWocnNLSrwSvvqSbD3rvBty3r6ENYTr3dj2CjRKdqL6G1P54mcNLey9vR0=
x-served-by
cache-cph2320045-CPH
last-modified
Wed, 18 Oct 2023 20:58:10 GMT
server
AmazonS3
x-timer
S1700464079.823970,VS0,VE0
etag
"06e9895d210a73225fa4b9a47e6e9c5a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
17075
ajax-aggregate.e6085a9a-1228.min.js
js-agent.newrelic.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/ajax-aggregate.e6085a9a-1228.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
bejjos7ZJbAfatBlEzLH7LLu9WZA5nyK
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
3NZ5HRDETNQYDPAY
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2465
x-amz-id-2
YTuNCZZJI10ajSvcqYL4y7lxNIJMnVaFBw569Itjuj8AodRmfxYuH3IO5vdnxEoXI/Q1cXl2ayo=
x-served-by
cache-cph2320045-CPH
last-modified
Wed, 18 Oct 2023 20:57:32 GMT
server
AmazonS3
x-timer
S1700464079.824229,VS0,VE0
etag
"61554094cde63c6eec39f630c32a828f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
17058
session_trace-aggregate.ada8b15b-1228.min.js
js-agent.newrelic.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.ada8b15b-1228.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
BjqcVXCU7NUDv_0zwEfBw_n21f5cpHAN
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
3NZDASA1AEEXQ70V
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3926
x-amz-id-2
FzYQbZFhAt4FxtK3/nOANf0PjaSfi9j295kSllwvk06rR/hRwodh6G8uEkjMKZ1alZ8MJnYTR6g=
x-served-by
cache-cph2320045-CPH
last-modified
Wed, 18 Oct 2023 21:36:08 GMT
server
AmazonS3
x-timer
S1700464079.824513,VS0,VE0
etag
"69d309900c2caeef33af662ddf91affc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
17095
page_action-aggregate.1ef08094-1228.min.js
js-agent.newrelic.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_action-aggregate.1ef08094-1228.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
pRUubKvREoTR4fAEnMjJp4keqYEGWgw6
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
3NZCRPC0KDEA16F2
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1249
x-amz-id-2
oweylZ6Q9wD/5qxOMHOFt3U0xvt5DYodbiDJwAPa6m3vyDiX1OjgUvpvh3JVaApsygcR2HrE/hE=
x-served-by
cache-cph2320045-CPH
last-modified
Wed, 18 Oct 2023 21:34:15 GMT
server
AmazonS3
x-timer
S1700464079.824888,VS0,VE0
etag
"9c1563b1437a04e5cd75285b2f4bffb0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
17026
spa-aggregate.7222cbb6-1228.min.js
js-agent.newrelic.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/spa-aggregate.7222cbb6-1228.min.js
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af92ff4576df40958f74249a9e167171305a5c842c886a2b1127bc46d727244a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
cWmrWCUlr_v2r_X6zNP.c88eJeAeGqh6
content-encoding
br
via
1.1 varnish
date
Mon, 20 Nov 2023 07:07:58 GMT
strict-transport-security
max-age=300
x-amz-request-id
3NZBMAH8M6YHKKEH
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
6989
x-amz-id-2
1nptBa7uL6QzgzA3hdn2vcHJS1h5h2Mt8Ni48mcNMxsISdV3hEMV29a/7a6EH02xs8pRmHgx9zo=
x-served-by
cache-cph2320045-CPH
last-modified
Wed, 18 Oct 2023 21:36:28 GMT
server
AmazonS3
x-timer
S1700464079.824893,VS0,VE0
etag
"5d22b006d12752c6dafe1b5f41318762"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
10305
NRJS-3f04a28582c60344757
bam.nr-data.net/1/ 		56 B
534 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-3f04a28582c60344757?a=1120001969&sa=1&v=1228.PROD&t=Unnamed%20Transaction&rst=2271&ck=0&s=b3b62fbf01a17563&ref=https://www.investigationdiscovery.com/&be=542&fe=1573&dc=402&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1700464076580,%22n%22:0,%22f%22:70,%22dn%22:71,%22dne%22:71,%22c%22:71,%22s%22:88,%22ce%22:112,%22rq%22:112,%22rp%22:513,%22rpe%22:515,%22dl%22:516,%22di%22:558,%22ds%22:943,%22de%22:943,%22dc%22:2114,%22l%22:2114,%22le%22:2116%7D,%22navigation%22:%7B%7D%7D&fp=568&ja=%7B%22network%22:%22ids%22,%22appVersion%22:%223.10.0%22%7D&jsonp=NREUM.setToken
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 20 Nov 2023 07:07:59 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
828edbed7fa49159-FRA
me
us1-prod-direct.investigationdiscovery.com/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-disco-client,x-disco-params
Access-Control-Request-Method
GET
Origin
https://www.investigationdiscovery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept-Language,User-Agent,Cookie,If-None-Match,X-disco-client,X-disco-client-id,X-disco-params,X-disco-recaptcha-token,X-disco-recaptcha-sitekey,X-disco-arkose-token,X-disco-arkose-sitekey,X-Device-Info,X-gisdk
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-max-age
31536000
content-length
0
date
Mon, 20 Nov 2023 07:07:59 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
me
us1-prod-direct.investigationdiscovery.com/users/ 		134 B
380 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
95c6177be15a47948f268a42812c505a96b8d3dc17a5d40633b3759dcc3d851e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:3.10.0
accept-language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,bid=ids,hn=www.investigationdiscovery.com,hth=us,features=ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:07:59 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
x-disco-id
MMyEng5JXj
access-control-allow-credentials
true
NRJS-3f04a28582c60344757
bam.nr-data.net/events/1/ 		24 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-3f04a28582c60344757?a=1120001969&sa=1&v=1228.PROD&t=Unnamed%20Transaction&rst=2624&ck=0&s=b3b62fbf01a17563&ref=https://www.investigationdiscovery.com/
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.investigationdiscovery.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

Date
Mon, 20 Nov 2023 07:07:59 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.investigationdiscovery.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
828edbef192e9159-FRA
Content-Length
24
token
us1-prod-direct.investigationdiscovery.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/token?deviceId=5ae8ca8c-da42-4876-a7b1-41f9e4c8ed23&realm=go&shortlived=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-device-info,x-disco-client,x-disco-params
Access-Control-Request-Method
GET
Origin
https://www.investigationdiscovery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept-Language,User-Agent,Cookie,If-None-Match,X-disco-client,X-disco-client-id,X-disco-params,X-disco-recaptcha-token,X-disco-recaptcha-sitekey,X-disco-arkose-token,X-disco-arkose-sitekey,X-Device-Info,X-gisdk
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-max-age
31536000
content-length
0
date
Mon, 20 Nov 2023 07:07:59 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
token
us1-prod-direct.investigationdiscovery.com/ 		436 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/token?deviceId=5ae8ca8c-da42-4876-a7b1-41f9e4c8ed23&realm=go&shortlived=true
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
8bab340499a2cf5586156bc6a89967b1ba951668f1500ba4307e04e9da58d218
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Referer
https://www.investigationdiscovery.com/
X-device-info
ids/3.10.0 (desktop/desktop; Windows/NT 10.0; 5ae8ca8c-da42-4876-a7b1-41f9e4c8ed23)
X-Disco-client
WEB:UNKNOWN:ids:3.10.0
accept-language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,bid=ids,hn=www.investigationdiscovery.com,hth=us,features=ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:07:59 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains;
etag
W/"4268404486"
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
x-disco-id
rmBNRIWSkV
cache-control
max-age=0, must-revalidate
access-control-allow-credentials
true
me
us1-prod-direct.investigationdiscovery.com/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-disco-client,x-disco-params
Access-Control-Request-Method
GET
Origin
https://www.investigationdiscovery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept-Language,User-Agent,Cookie,If-None-Match,X-disco-client,X-disco-client-id,X-disco-params,X-disco-recaptcha-token,X-disco-recaptcha-sitekey,X-disco-arkose-token,X-disco-arkose-sitekey,X-Device-Info,X-gisdk
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-max-age
31536000
content-length
0
date
Mon, 20 Nov 2023 07:08:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
me
us1-prod-direct.investigationdiscovery.com/users/ 		826 B
831 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
d6be242c48b5abb7a5bffc1cba4628b620f27e7e054cd0fe352ae43d80f68a9d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:3.10.0
accept-language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,bid=ids,hn=www.investigationdiscovery.com,hth=us,features=ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:08:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains;
etag
W/"3967333441"
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
x-disco-id
utHSVMlMGt
cache-control
max-age=0, must-revalidate
access-control-allow-credentials
true
partners
us1-prod-direct.investigationdiscovery.com/users/me/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me/partners
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-disco-client,x-disco-params
Access-Control-Request-Method
GET
Origin
https://www.investigationdiscovery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept-Language,User-Agent,Cookie,If-None-Match,X-disco-client,X-disco-client-id,X-disco-params,X-disco-recaptcha-token,X-disco-recaptcha-sitekey,X-disco-arkose-token,X-disco-arkose-sitekey,X-Device-Info,X-gisdk
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-max-age
31536000
content-length
0
date
Mon, 20 Nov 2023 07:08:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
web-config-prod
us1-prod-direct.investigationdiscovery.com/cms/configs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/configs/web-config-prod
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-disco-client,x-disco-params
Access-Control-Request-Method
GET
Origin
https://www.investigationdiscovery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,X-disco-client,X-disco-params,X-device-id,X-device-info,Accept-Language,X-gisdk
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-max-age
31536000
content-length
0
date
Mon, 20 Nov 2023 07:08:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
paws-desktop-mobile
us1-prod-direct.investigationdiscovery.com/cms/configs/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/configs/paws-desktop-mobile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-disco-client,x-disco-params
Access-Control-Request-Method
GET
Origin
https://www.investigationdiscovery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,X-disco-client,X-disco-params,X-device-id,X-device-info,Accept-Language,X-gisdk
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-max-age
31536000
content-length
0
date
Mon, 20 Nov 2023 07:08:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
partners
us1-prod-direct.investigationdiscovery.com/users/me/ 		197 B
438 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/users/me/partners
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
49de96c1503914c09ac07ef36df391abb68301abbd5c802c563c4d631e9b0fcc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:3.10.0
accept-language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,bid=ids,hn=www.investigationdiscovery.com,hth=us,features=ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:08:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains;
etag
W/"1437699305"
vary
Accept-Encoding,Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.investigationdiscovery.com
x-disco-id
y9KvSwQQZe
cache-control
max-age=0, must-revalidate
access-control-allow-credentials
true
web-config-prod
us1-prod-direct.investigationdiscovery.com/cms/configs/ 		161 B
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/configs/web-config-prod
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
2ba86163dd30e2ff4dc4ba0694546a3bd3f77c45a29215aef8475da0685babd0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:3.10.0
accept-language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,bid=ids,hn=www.investigationdiscovery.com,hth=us,features=ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:08:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://www.investigationdiscovery.com
x-disco-id
4h7NeWdyFu
access-control-allow-credentials
true
paws-desktop-mobile
us1-prod-direct.investigationdiscovery.com/cms/configs/ 		165 B
397 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/configs/paws-desktop-mobile
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
4e77db65fb7f347c99ed109c1a9bb935ca132e43d15f1c31cb79206bb52aa193
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:3.10.0
accept-language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,bid=ids,hn=www.investigationdiscovery.com,hth=us,features=ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:08:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://www.investigationdiscovery.com
x-disco-id
xjmWXCSTE4
access-control-allow-credentials
true
web-menubar
us1-prod-direct.investigationdiscovery.com/cms/collections/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-menubar?include=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-disco-client,x-disco-params
Access-Control-Request-Method
GET
Origin
https://www.investigationdiscovery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,X-disco-client,X-disco-params,X-device-id,X-device-info,Accept-Language,X-gisdk
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-max-age
31536000
content-length
0
date
Mon, 20 Nov 2023 07:08:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
web-footer
us1-prod-direct.investigationdiscovery.com/cms/collections/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-footer?include=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-disco-client,x-disco-params
Access-Control-Request-Method
GET
Origin
https://www.investigationdiscovery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,X-disco-client,X-disco-params,X-device-id,X-device-info,Accept-Language,X-gisdk
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-max-age
31536000
content-length
0
date
Mon, 20 Nov 2023 07:08:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
home
us1-prod-direct.investigationdiscovery.com/cms/routes/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/routes/home?include=default&decorators=viewingHistory,isFavorite,playbackAllowed&page[items.number]=1&page[items.size]=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-disco-client,x-disco-params
Access-Control-Request-Method
GET
Origin
https://www.investigationdiscovery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,X-disco-client,X-disco-params,X-device-id,X-device-info,Accept-Language,X-gisdk
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-max-age
31536000
content-length
0
date
Mon, 20 Nov 2023 07:08:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
web-menubar
us1-prod-direct.investigationdiscovery.com/cms/collections/ 		157 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-menubar?include=default
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
bbc9e8a71586f349b7aa36e0b3033efa9b92680f377c534401794b8f30fba55e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:3.10.0
accept-language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,bid=ids,hn=www.investigationdiscovery.com,hth=us,features=ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:08:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://www.investigationdiscovery.com
x-disco-id
Dkld3go2Dx
access-control-allow-credentials
true
web-footer
us1-prod-direct.investigationdiscovery.com/cms/collections/ 		156 B
390 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-footer?include=default
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
ecf00199e6dbc77446fdbd6eb173f12f11c2f5cdc1fd31c33ea831f291879c3a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:3.10.0
accept-language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,bid=ids,hn=www.investigationdiscovery.com,hth=us,features=ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:08:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://www.investigationdiscovery.com
x-disco-id
CdFuRhqLEI
access-control-allow-credentials
true
home
us1-prod-direct.investigationdiscovery.com/cms/routes/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/cms/routes/home?include=default&decorators=viewingHistory,isFavorite,playbackAllowed&page[items.number]=1&page[items.size]=8
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
f6b62ed20dacd84d82f9bafa2eeb1783126c9daff7194e34fa3dbbe279c8b500
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Referer
https://www.investigationdiscovery.com/
X-Disco-client
WEB:UNKNOWN:ids:3.10.0
accept-language
de-DE,de;q=0.9
X-disco-params
realm=go,siteLookupKey=ids,bid=ids,hn=www.investigationdiscovery.com,hth=us,features=ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 07:08:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains;
etag
W/"3141134233"
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://www.investigationdiscovery.com
x-disco-id
scSQFH1jhG
cache-control
max-age=0, must-revalidate
access-control-allow-credentials
true
decisions
us1-prod-direct.investigationdiscovery.com/labs/api/v1/feature-flags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/labs/api/v1/feature-flags/decisions
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.investigationdiscovery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://www.investigationdiscovery.com
access-control-max-age
31536000
content-length
0
date
Mon, 20 Nov 2023 07:08:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Accept-Encoding,Origin
id
dpm.demdex.net/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BC501253513148ED0A490D45%40AdobeOrg&d_nsid=0&ts=1700464080607
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-71-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4b06572dfa3310b5503d8f17018f2ecf8bd790628d6b20adabfc3882dd40872c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.investigationdiscovery.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcscanary-prod-irl1-1-v067-0bdddab1a.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 20 Nov 2023 07:08:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
u6lMmpfNSCA=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://www.investigationdiscovery.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
970
expires
Thu, 01 Jan 1970 00:00:00 UTC
decisions
us1-prod-direct.investigationdiscovery.com/labs/api/v1/feature-flags/ 		47 B
307 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us1-prod-direct.investigationdiscovery.com/labs/api/v1/feature-flags/decisions
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.156.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-156-13.compute-1.amazonaws.com
Software
/
Resource Hash
f319ffcdcce72986e07931eda51322f22c63673a3a280dba7207275523723f43
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

Referer
https://www.investigationdiscovery.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.investigationdiscovery.com
date
Mon, 20 Nov 2023 07:08:00 GMT
content-encoding
gzip
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains;
vary
Origin, Accept-Encoding,Origin
content-type
application/json
dest5.html
scripps.demdex.net/ Frame B291 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://scripps.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.investigationdiscovery.com
URL: https://www.investigationdiscovery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.76.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-71-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.investigationdiscovery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 20 Nov 2023 07:08:00 GMT
dcs
dcs-prod-irl1-1-v054-00cd77fef.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Wed, 8 Nov 2023 20:59:55 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
b9zqbgU/RPs=
ibs:dpid=411&dpuuid=ZVsF0QAAAGQ_tQO-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=45891187695599820234558001688678688693
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVsF0QAAAGQ_tQO-
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVsF0QAAAGQ_tQO-
Protocol
H2
Server
54.76.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-71-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-085d062c2.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Mon, 20 Nov 2023 07:08:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
eGwhh6wjQK0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZVsF0QAAAGQ_tQO-
Date
Mon, 20 Nov 2023 07:08:01 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.investigationdiscovery.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:16:19 GMT
x-content-type-options
nosniff
age
305502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 18:16:19 GMT
bf86562a-524b-4cce-b72b-b4be1d0707c3.png
us1-prod-images.disco-api.com/2020/10/13/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us1-prod-images.disco-api.com/2020/10/13/bf86562a-524b-4cce-b72b-b4be1d0707c3.png?bf=0&f=jpg&p=true&q=85&w=2000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-91.fra50.r.cloudfront.net
Software
/
Resource Hash
560a38944df2e2e9a74adf66eae9ad9cd62eaab23932af33e8e43f6b43303929
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.investigationdiscovery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 20:45:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains;
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
4962141
etag
"0eebd90ad592f2d1bba5b4dc3e8d5bc6"
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
x-disco-id
T5Y7ycEsvV
cache-control
public, max-age=31536000
content-length
275296
x-amz-cf-id
GnqpaZAXXk-RUkn2RCfJLzbdci82vCYtTDkxU6u_geMnJMuIDpgWAg==
pixel.gif
load77.exelator.com/ Frame B291
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=45891187695599820234558001688678688693
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=45891187695599820234558001688678688693&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Protocol
H2
Server
2a02:6ea0:c700::11 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 20 Nov 2023 07:08:02 GMT
x-age-lb
951621
x-77-cache
HIT
x-accel-date
1699512461
content-length
43
x-77-nzt
AcO1ryc3Nzf/RYUOAA
x-accel-expires
@1700486867
x-77-age
951621
x-cache-lb
HIT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-77-nzt-ray
25b0213156b2fb5ed2055b65e722ee0f
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes

Redirect headers

date
Mon, 20 Nov 2023 07:08:01 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
ibs:dpid=771&dpuuid=CAESEPR-CeRwG2BM9t38tITiEJk&google_cver=1
dpm.demdex.net/ Frame B291
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDU4OTExODc2OTU1OTk4MjAyMzQ1NTgwMDE2ODg2Nzg2ODg2OTM=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDU4OTExODc2OTU1OTk4MjAyMzQ1NTgwMDE2ODg2Nzg2ODg2OTM=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPR-CeRwG2BM9t38tITiEJk&google_cver=1?gdpr=0&gdpr_consent=
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPR-CeRwG2BM9t38tITiEJk&google_cver=1?gdpr=0&gdpr_consent=
Protocol
H2
Server
54.76.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-71-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-00ab78b20.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 20 Nov 2023 07:08:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
eaCGGvigSGE=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 20 Nov 2023 07:08:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPR-CeRwG2BM9t38tITiEJk&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=782&dpuuid=ZVsF0QAAAGQ_tQO-
dpm.demdex.net/ Frame B291
Redirect Chain
  • https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZVsF0QAAAGQ_tQO-
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZVsF0QAAAGQ_tQO-
Protocol
H2
Server
54.76.71.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-71-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-0b71ea9a0.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Mon, 20 Nov 2023 07:08:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
CVwFuGrCS/U=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-served-by
cache-cph2320026-CPH
pragma
no-cache
date
Mon, 20 Nov 2023 07:08:02 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1700464082.330266,VS0,VE95
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZVsF0QAAAGQ_tQO-
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
adsct
analytics.twitter.com/i/ Frame B291 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=45891187695599820234558001688678688693&p_id=38594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 -, , ASN (),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time
171
date
Mon, 20 Nov 2023 07:08:01 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
efb5e21720cd6add
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
53540c5a84e53026d944f7dd2295458960800d3bcd1ef98a0d77d1f8486fe571
content-length
43
usermatch.gif
beacon.krxd.net/ Frame B291
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=45891187695599820234558001688678688693
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=45891187695599820234558001688678688693
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=45891187695599820234558001688678688693
Protocol
H2
Server
54.72.15.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by
beacon-n024-dub-prod.krxd.net
date
Mon, 20 Nov 2023 07:08:02 GMT
cache-control
private, no-cache, no-store
x-request-time
D=52 t=1700464082
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=45891187695599820234558001688678688693
date
Mon, 20 Nov 2023 07:08:02 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
u
dmp.v.fwmrm.net/ad/ Frame B291 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f00:6418:3db0:a56e:6f03 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Nov 2023 07:08:02 GMT
X-Fw-Request-Id
umo0447_1700464082916850821
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame B291
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlZzRjBRQUFBR1FfdFFPLQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlZzRjBRQUFBR1FfdFFPLQ==
Protocol
H3
Server
172.217.16.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 07:08:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-cph2320026-CPH
pragma
no-cache
date
Mon, 20 Nov 2023 07:08:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700464082.272588,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlZzRjBRQUFBR1FfdFFPLQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame B291
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVsF0QAAAGQ_tQO-
43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVsF0QAAAGQ_tQO-
Protocol
H2
Server
35.244.159.8 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 07:08:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-cph2320026-CPH
pragma
no-cache
date
Mon, 20 Nov 2023 07:08:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700464082.272582,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVsF0QAAAGQ_tQO-
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame B291
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZVsF0QAAAGQ_tQO-&img=1
0
0
b.php
www.facebook.com/fr/ Frame B291
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZVsF0QAAAGQ_tQO-&t=2592000&o=0
43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZVsF0QAAAGQ_tQO-&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f173:81:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://scripps.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 23:08:02 PST
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
public
x-fb-debug
bzSkUyctETyDzF+L+6sbZ1J6bl6q+O0u71p1MpKNR03aBR4UoeN9ewhap6BLZ/xQADzWZaSM+8ApIYKsYUcanw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires
Sun, 19 Nov 2023 23:08:02 PST

Redirect headers

x-served-by
cache-cph2320026-CPH
pragma
no-cache
date
Mon, 20 Nov 2023 07:08:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1700464082.272710,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZVsF0QAAAGQ_tQO-&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZVsF0QAAAGQ_tQO-&img=1

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture string| applicationID string| agentID object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA object| dataLayer object| google_tag_manager object| google_tag_data object| webpackChunk_discovery_tve object| __meta function| __ object| gsapVersions object| webpackJsonpSonicPlayer function| sprintf function| vsprintf object| _translations object| adobe function| Visitor object| s_c_il number| s_c_in

9 Cookies

Domain/Path Name / Value
us1-prod-direct.investigationdiscovery.com/ Name: st
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJVU0VSSUQ6Z286MDc1Y2FhMmMtMDcwMi00N2RhLTkwMmMtM2FiZWU0YWNkYmU0IiwianRpIjoidG9rZW4tYTY2ZTczNmYtOWFkNS00NDEzLWEyMzItNjdjYzE3ODQ0NGJiIiwiYW5vbnltb3VzIjp0cnVlLCJpYXQiOjE3MDA0NjQwNzl9.SCnq9jUKxibkSsq1ouH2jCmeSljLetIS7Nd6_I267uA
.investigationdiscovery.com/ Name: gi_ls
Value: 0
.investigationdiscovery.com/ Name: ass
Value: 1ae9121b-bde5-4941-9930-8b8bcac04b8d.1700465881.1700464081
.demdex.net/ Name: demdex
Value: 45891187695599820234558001688678688693
.investigationdiscovery.com/ Name: AMCVS_BC501253513148ED0A490D45%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVsF0QAAAGQ_tQO-
.dpm.demdex.net/ Name: dpm
Value: 45891187695599820234558001688678688693
.investigationdiscovery.com/ Name: AMCV_BC501253513148ED0A490D45%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19682%7CMCMID%7C46038688075763372734542635725542593291%7CMCAAMLH-1701068880%7C6%7CMCAAMB-1701068880%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1700471280s%7CNONE%7CMCSYNCSOP%7C411-19689%7CvVersion%7C5.2.0
.demdex.net/ Name: dextp
Value: 3-1-1700464081097|771-1-1700464081202|782-1-1700464081312

7 Console Messages

Source Level URL
Text
network error URL: https://us1-prod-direct.investigationdiscovery.com/users/me
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://us1-prod-direct.investigationdiscovery.com/cms/configs/paws-desktop-mobile
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://us1-prod-direct.investigationdiscovery.com/cms/configs/web-config-prod
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-footer?include=default
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://us1-prod-direct.investigationdiscovery.com/cms/collections/web-menubar?include=default
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://us1-prod-direct.investigationdiscovery.com/labs/api/v1/feature-flags/decisions
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZVsF0QAAAGQ_tQO-&img=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
bam.nr-data.net
beacon.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
dmp.v.fwmrm.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
global-prod.disco-api.com
js-agent.newrelic.com
load77.exelator.com
loadm.exelator.com
p.typekit.net
rtd-tm.everesttech.net
rtd.tubemogul.com
scripps.demdex.net
sync-tm.everesttech.net
sync.search.spotxchange.com
us-u.openx.net
us1-prod-direct.investigationdiscovery.com
us1-prod-images.disco-api.com
use.typekit.net
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
www.investigationdiscovery.com
sync.search.spotxchange.com
104.244.42.131
143.204.98.91
151.101.2.137
151.101.2.49
151.101.66.49
162.247.241.14
172.217.16.130
18.203.109.165
18.66.122.48
18.66.122.80
2600:1f16:e61:3f00:6418:3db0:a56e:6f03
2a00:1450:4001:80e::2008
2a00:1450:4001:828::200a
2a00:1450:4001:830::2003
2a02:26f0:3500:16::215:1490
2a02:26f0:480:f::213:7ee1
2a02:6ea0:c700::11
2a03:2880:f173:81:face:b00c:0:25de
3.219.156.13
3.229.230.187
35.244.159.8
52.30.96.55
54.72.15.103
54.76.71.108
54.78.254.47
079c85d823b588108b623f842c5aca6c805c4f1b2c9af00d5aff193224d0d477
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ec14af764fc18154e349ac3889637b2dc64debe89d7759dbcbb1db6cfe79ef8
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c9cc8e33a15d6f739e16ec44ae2cd8907a4ec6201386bf9cca6a85a53103168
1ef1f0512e28b1a23f1bb8c2bbda2c33539e15b5e2587a0787bc1ac0c0c222b5
22051e5464f07018297c13799b1db21f39f6b0676c72fce70dbbc6b9a4793c0a
2ba86163dd30e2ff4dc4ba0694546a3bd3f77c45a29215aef8475da0685babd0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
35d5e3136036964661cc94855e1028e063341e3cf4b41a410930fb149cfed5ce
3787e64b2ba0bd1699932a4acd90fffc190cdb01c71442eb0365150845c900de
45c7343b3d889cc5f681a8ad1cd0385b42ccb1d848ac2163d133ffbed89c6cb9
49de96c1503914c09ac07ef36df391abb68301abbd5c802c563c4d631e9b0fcc
4b06572dfa3310b5503d8f17018f2ecf8bd790628d6b20adabfc3882dd40872c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e77db65fb7f347c99ed109c1a9bb935ca132e43d15f1c31cb79206bb52aa193
4f4f57044cd0b10b29ffb36a590e48ab912275a5daf264cd58241b25cac03e5f
51ea8415e15e7fe3c29a15de3177167895f7b40d6377d38bc027aae7c5ed673e
531b518173a4f9ac1a1aab5ad10c610d45437166fd39adc0d8208e51dc60f8d6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560a38944df2e2e9a74adf66eae9ad9cd62eaab23932af33e8e43f6b43303929
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
73e9fd5d1e48f63c04fc67135326a3e83eb635050aab2536c39dfa9e8989e269
74e0e67d33c44fd560b672646fdf338aa51d54533796639d3074d15de9cf4dd2
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
83c6c18f8719320cbd6cd83248055a13a92e1c7866c23a347c08c92c7d1fe391
87e286fac915962ba6ffff7697800e364d0bc3020c5db8d62e305226f195ef38
8bab340499a2cf5586156bc6a89967b1ba951668f1500ba4307e04e9da58d218
8bd6dd0e3bcc9860749af884ec13f6a759fb2e55de63a3216182e420dd9a6844
95c6177be15a47948f268a42812c505a96b8d3dc17a5d40633b3759dcc3d851e
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af92ff4576df40958f74249a9e167171305a5c842c886a2b1127bc46d727244a
b46656a147ead92566b61ef239345f75a7e5b57ed6fbe06755453ad935dc0fd8
bbc9e8a71586f349b7aa36e0b3033efa9b92680f377c534401794b8f30fba55e
cf4c54ffc8c78d41d423befa6d5ec511b8e125470ff7deb69bc462dfbb70d780
d6be242c48b5abb7a5bffc1cba4628b620f27e7e054cd0fe352ae43d80f68a9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecf00199e6dbc77446fdbd6eb173f12f11c2f5cdc1fd31c33ea831f291879c3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f319ffcdcce72986e07931eda51322f22c63673a3a280dba7207275523723f43
f6b62ed20dacd84d82f9bafa2eeb1783126c9daff7194e34fa3dbbe279c8b500
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
fb5175866e24b14e6c800a230af050366c0dcf144254dcdb0ceca4c10549dbe3