thetruedefender.com Open in urlscan Pro
2606:4700:20::ac43:4551 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Submission: On November 02 via api (November 2nd 2021, 9:52:33 pm UTC) from US — Scanned from DE

Summary HTTP 443 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 84 IPs in 11 countries across 81 domains to perform 443 HTTP transactions. The main IP is 2606:4700:20::ac43:4551, located in United States and belongs to CLOUDFLARENET, US. The main domain is thetruedefender.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 5th 2021. Valid for: a year.

This is the only time thetruedefender.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	2606:4700:20:... 2606:4700:20::ac43:4551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:a600:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:ec00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
4	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
7	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700:10:... 2606:4700:10::6816:38ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.35.253.117 13.35.253.117	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2600:9000:205... 2600:9000:2057:2400:b:6268:b880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:a000:a:cbb7:a940:93a1	16509 (AMAZON-02) (AMAZON-02)
9	95.216.186.40 95.216.186.40	24940 (HETZNER-AS) (HETZNER-AS)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
3	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
3 23	88.212.252.2 88.212.252.2	7979 (SERVERS-COM) (SERVERS-COM)
5	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
11	2606:4700:10:... 2606:4700:10::6816:36ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 59	2606:4700:10:... 2606:4700:10::6816:397e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
10 30	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
6	185.86.139.59 185.86.139.59	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
15	2600:9000:205... 2600:9000:2057:ee00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.192.134 151.101.192.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
29	149.154.165.133 149.154.165.133	62041 (TELEGRAM) (TELEGRAM)
3	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:a00d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.16.186.104 2.16.186.104	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 5	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
5	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
16	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
1	85.114.131.233 85.114.131.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
5	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
11	51.75.86.98 51.75.86.98	() ()
1 1	85.114.159.118 85.114.159.118	() ()
3	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	164.132.158.126 164.132.158.126	16276 (OVH) (OVH)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	50.31.142.95 50.31.142.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
5	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
11 13	18.156.98.241 18.156.98.241	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.83.159 3.120.83.159	16509 (AMAZON-02) (AMAZON-02)
6 6	193.232.148.143 193.232.148.143	48061 (UMA-TECH-AS) (UMA-TECH-AS)
9 11	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
5 5	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
9 9	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2	151.236.71.82 151.236.71.82	204720 (CDNETWORKS) (CDNETWORKS)
15 15	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
4 9	51.89.21.5 51.89.21.5	16276 (OVH) (OVH)
5	146.20.132.120 146.20.132.120	27357 (RACKSPACE) (RACKSPACE)
14 15	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
10 15	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
9 9	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
10	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5 5	18.184.122.71 18.184.122.71	16509 (AMAZON-02) (AMAZON-02)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
10 34	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
17 17	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
5 10	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 2	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	135.125.160.77 135.125.160.77	16276 (OVH) (OVH)
2 2	3.209.222.165 3.209.222.165	14618 (AMAZON-AES) (AMAZON-AES)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2 2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
4 6	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.3.173.52 52.3.173.52	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.212.206.16 52.212.206.16	16509 (AMAZON-02) (AMAZON-02)
1	35.241.40.233 35.241.40.233	() ()
3 3	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
2 4	2001:6d0:4001... 2001:6d0:4001::226	() ()
1 2	3.66.41.54 3.66.41.54	() ()
1	3.127.62.220 3.127.62.220	() ()
2 4	2a02:6b8::90 2a02:6b8::90	() ()
2	82.145.213.8 82.145.213.8	() ()
443	84

33 2606:4700:20::ac43:4551 (United States)

ASN13335 (CLOUDFLARENET, US)

thetruedefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a600:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:ec00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:38ae (United States)

ASN13335 (CLOUDFLARENET, US)

users.api.jeeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-117.fra6.r.cloudfront.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:2400:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn1.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a000:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.216.186.40 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.40.186.216.95.clients.your-server.de

xn--r1a.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tlgr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

thetruedefender-com.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 88.212.252.2 (Russian Federation) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2606:4700:10::6816:397e (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 185.33.221.50 (Amsterdam, Netherlands) 10 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
itx4.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2057:ee00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 149.154.165.133 (London, United Kingdom)

ASN62041 (TELEGRAM, VG)

cdn4.telesco.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a00d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.35.65 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.104 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-104.deploy.static.akamaitechnologies.com

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

apps.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.164 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.220.30 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal900016.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.233 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21037.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 51.75.86.98 (None, )

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.132.158.126 (France)

ASN16276 (OVH, FR)
PTR: ip126.ip-164-132-158.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.156.98.241 (Frankfurt am Main, Germany) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-98-241.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.83.159 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-83-159.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 193.232.148.143 (Russian Federation) 6 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp4.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 31.172.81.158 (Germany) 9 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.172 (Germany) 5 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.52.2.39 (United States) 9 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.236.71.82 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 3.126.56.137 (Frankfurt am Main, Germany) 15 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.89.21.5 (London, United Kingdom) 4 redirects

ASN16276 (OVH, FR)
PTR: p38.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.20.132.120 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 213.19.147.45 (United Kingdom) 14 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.71.131.137 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.197.47.23 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.184.122.71 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-122-71.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2.18.234.21 (Frankfurt am Main, Germany) 10 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.194 (United States) 17 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.46.130.91 (Ashburn, United States) 5 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.253.128.188 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.87 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.77 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.209.222.165 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-222-165.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.242.53 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.173.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-173-52.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.206.16 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-206-16.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (None, )

ASN- ()

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.119.43 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:6d0:4001::226 (None, ) 2 redirects

ASN- ()

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.41.54 (None, ) 1 redirects

ASN- ()

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.62.220 (None, )

ASN- ()

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (None, ) 2 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.145.213.8 (None, )

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	quantumdex.io 5 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	10 KB
36	adnxs.com 10 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	109 KB
34	casalemedia.com 10 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	37 KB
33	thetruedefender.com thetruedefender.com	415 KB
29	telesco.pe cdn4.telesco.pe	1 MB
25	betweendigital.com 3 redirects ads.betweendigital.com cache.betweendigital.com	16 KB
23	doubleclick.net 17 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	198 KB
21	adform.net track.adform.net s1.adform.net	197 KB
16	disquscdn.com c.disquscdn.com a.disquscdn.com	548 KB
15	adsrvr.org 10 redirects match.adsrvr.org	6 KB
15	yahoo.com 15 redirects ups.analytics.yahoo.com	13 KB
13	bidswitch.net 11 redirects x.bidswitch.net	5 KB
13	criteo.com 3 redirects bidder.criteo.com gum.criteo.com mug.criteo.com dis.criteo.com	9 KB
13	wp.com i2.wp.com c0.wp.com stats.wp.com i0.wp.com pixel.wp.com	469 KB
12	rubiconproject.com 3 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	33 KB
11	onetag-sys.com onetag-sys.com Failed	8 KB
11	connectad.io i.connectad.io cdn.connectad.io sync-eu.connectad.io	4 KB
10	amazon-adsystem.com 5 redirects s.amazon-adsystem.com	7 KB
10	sonobi.com sync.go.sonobi.com	5 KB
10	1rx.io 10 redirects sync.1rx.io	6 KB
10	smartadserver.com prg.smartadserver.com itx4.smartadserver.com www8.smartadserver.com rtb-csync.smartadserver.com	15 KB
10	wp.pl ssp.wp.pl	2 KB
9	advertising.com 9 redirects pixel.advertising.com	3 KB
9	id5-sync.com 4 redirects id5-sync.com	11 KB
9	lijit.com 9 redirects ap.lijit.com	5 KB
9	bumlam.com 9 redirects sync.bumlam.com	5 KB
8	disqus.com thetruedefender-com.disqus.com disqus.com referrer.disqus.com links.services.disqus.com Failed	63 KB
7	tlgr.org tlgr.org	108 KB
6	owneriq.net 4 redirects px.owneriq.net	2 KB
6	pubmatic.com ads.pubmatic.com image6.pubmatic.com	27 KB
6	adhigh.net 6 redirects px.adhigh.net	2 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal900016.redintelligence.net	7 KB
6	mathtag.com 2 redirects tags.mathtag.com pixel.mathtag.com sync.mathtag.com	3 KB
5	sharethrough.com 5 redirects match.sharethrough.com	1 KB
5	unrulymedia.com 4 redirects sync.targeting.unrulymedia.com	2 KB
5	lkqd.net cs.lkqd.net	2 KB
5	adsniper.ru 5 redirects sync3.adsniper.ru	3 KB
5	wpcdn.pl std.wpcdn.pl	136 KB
5	a-mo.net prebid.a-mo.net	1 KB
5	creativecdn.com prebid-eu.creativecdn.com	905 B
4	yandex.ru 2 redirects an.yandex.ru	952 B
4	tns-counter.ru 2 redirects www.tns-counter.ru	1 KB
3	aidata.io 3 redirects x01.aidata.io	2 KB
3	lockerdome.com lockerdome.com	5 KB
3	lockerdomecdn.com cdn1.lockerdomecdn.com cdn2.lockerdomecdn.com	22 KB
3	google-analytics.com www.google-analytics.com	21 KB
3	optad360.io cmp.optad360.io get.optad360.io	234 KB
2	opera.com t.adx.opera.com	818 B
2	360yield.com 1 redirects ad.360yield.com	847 B
2	sniperlog.ru sync3.sniperlog.ru	1 KB
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	quantserve.com 2 redirects pixel.quantserve.com	1019 B
2	cognitivlabs.com 2 redirects beacon.lynx.cognitivlabs.com	754 B
2	dyntrk.com 2 redirects gu.dyntrk.com	850 B
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	simpli.fi 1 redirects um.simpli.fi	845 B
2	admedo.com 2 redirects pool.admedo.com	715 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	sascdn.com ced-ns.sascdn.com apps.sascdn.com	11 KB
2	criteo.net static.criteo.net	54 KB
2	viglink.com cdn.viglink.com	531 B
2	gstatic.com fonts.gstatic.com	32 KB
2	4dex.io script.4dex.io	23 KB
2	xn--r1a.website xn--r1a.website	18 KB
2	jeeng.com users.api.jeeng.com	118 KB
1	kargo.com crb.kargo.com	360 B
1	brand-display.com dmp.brand-display.com	253 B
1	ad4m.at ad4m.at
1	adentifi.com rtb.adentifi.com	88 B
1	bttrack.com bttrack.com	380 B
1	zemanta.com b1sync.zemanta.com	64 B
1	mediarithmics.com cookie-matching.mediarithmics.com	85 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	487 B
1	contentspread.net cdn.contentspread.net	1 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	adpone.com rtb.adpone.com Failed	988 B
1	gravatar.com secure.gravatar.com	36 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	pushengage.com clientcdn.pushengage.com	19 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
0	adotmob.com Failed sync.adotmob.com Failed
443	81

	Domain	Requested by
49	sync.quantumdex.io	get.optad360.io sync.quantumdex.io ssum-sec.casalemedia.com
33	thetruedefender.com	thetruedefender.com
30	ib.adnxs.com	10 redirects get.optad360.io acdn.adnxs.com
29	cdn4.telesco.pe	xn--r1a.website
23	ads.betweendigital.com	3 redirects get.optad360.io ads.betweendigital.com
19	dsum-sec.casalemedia.com	5 redirects ssum-sec.casalemedia.com
17	cm.g.doubleclick.net	17 redirects
16	s1.adform.net	track.adform.net s1.adform.net thetruedefender.com
15	ssum-sec.casalemedia.com	5 redirects sync.quantumdex.io ssum-sec.casalemedia.com
15	match.adsrvr.org	10 redirects ssum-sec.casalemedia.com
15	ups.analytics.yahoo.com	15 redirects
15	c.disquscdn.com	thetruedefender-com.disqus.com disqus.com c.disquscdn.com
13	x.bidswitch.net	11 redirects ssum-sec.casalemedia.com
11	onetag-sys.com	get.optad360.io sync.quantumdex.io cache.betweendigital.com
10	s.amazon-adsystem.com	5 redirects ssum-sec.casalemedia.com
10	sync.go.sonobi.com	sync.quantumdex.io
10	sync.1rx.io	10 redirects
10	ssp.wp.pl	get.optad360.io
9	pixel.advertising.com	9 redirects
9	id5-sync.com	4 redirects sync.quantumdex.io
9	ap.lijit.com	9 redirects
9	sync.bumlam.com	9 redirects
7	tlgr.org	xn--r1a.website
7	c0.wp.com	thetruedefender.com
6	px.owneriq.net	4 redirects ssum-sec.casalemedia.com
6	px.adhigh.net	6 redirects
6	eus.rubiconproject.com	thetruedefender.com eus.rubiconproject.com cache.betweendigital.com
5	ads.pubmatic.com	sync.quantumdex.io
5	match.sharethrough.com	5 redirects
5	sync.targeting.unrulymedia.com	4 redirects sync.quantumdex.io
5	ms.quantumdex.io	5 redirects
5	cs.lkqd.net	sync.quantumdex.io
5	sync3.adsniper.ru	5 redirects
5	std.wpcdn.pl	ssp.wp.pl
5	cdn.connectad.io	get.optad360.io
5	acdn.adnxs.com	get.optad360.io
5	track.adform.net	hal900016.redintelligence.net s1.adform.net
5	hal900016.redintelligence.net	1 redirects thetruedefender.com hal900016.redintelligence.net
5	prg.smartadserver.com	get.optad360.io
5	prebid.a-mo.net	get.optad360.io
5	useast.quantumdex.io	get.optad360.io
5	i.connectad.io	get.optad360.io
5	prebid-eu.creativecdn.com	get.optad360.io
5	bidder.criteo.com	get.optad360.io
4	an.yandex.ru	2 redirects
4	www.tns-counter.ru	2 redirects
4	gum.criteo.com	2 redirects static.criteo.net
4	disqus.com	thetruedefender-com.disqus.com c.disquscdn.com
3	x01.aidata.io	3 redirects
3	rtb-csync.smartadserver.com
3	token.rubiconproject.com	eus.rubiconproject.com
3	mug.criteo.com
3	tags.mathtag.com	ced-ns.sascdn.com tags.mathtag.com
3	secure-assets.rubiconproject.com	3 redirects
3	stats.g.doubleclick.net	lockerdome.com
3	lockerdome.com	cdn2.lockerdomecdn.com
3	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	i2.wp.com	thetruedefender.com
2	t.adx.opera.com	cache.betweendigital.com
2	ad.360yield.com	1 redirects
2	sync3.sniperlog.ru
2	match.prod.bidr.io	2 redirects
2	pixel.quantserve.com	2 redirects
2	beacon.lynx.cognitivlabs.com	2 redirects
2	gu.dyntrk.com	2 redirects
2	p.rfihub.com	2 redirects
2	um.simpli.fi	1 redirects ssum-sec.casalemedia.com
2	pool.admedo.com	2 redirects
2	cache.betweendigital.com	ads.betweendigital.com
2	ads.creative-serving.com	2 redirects
2	sync.mathtag.com	2 redirects
2	static.criteo.net	get.optad360.io static.criteo.net
2	cdn.viglink.com	thetruedefender.com
2	fonts.gstatic.com	fonts.googleapis.com
2	referrer.disqus.com	c.disquscdn.com thetruedefender.com
2	script.4dex.io	get.optad360.io script.4dex.io
2	thetruedefender-com.disqus.com	thetruedefender.com
2	xn--r1a.website	thetruedefender.com tlgr.org
2	cdn1.lockerdomecdn.com	thetruedefender.com cdn1.lockerdomecdn.com
2	users.api.jeeng.com	thetruedefender.com users.api.jeeng.com
2	get.optad360.io	thetruedefender.com get.optad360.io
1	crb.kargo.com
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	bttrack.com	ssum-sec.casalemedia.com
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	sync-eu.connectad.io	cdn.connectad.io
1	b1sync.zemanta.com
1	dis.criteo.com	1 redirects
1	cookie-matching.mediarithmics.com
1	dsp.adfarm1.adition.com	1 redirects
1	www8.smartadserver.com
1	cdn.contentspread.net	hal900016.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	thetruedefender.com
1	itx4.smartadserver.com	ced-ns.sascdn.com
1	apps.sascdn.com	ced-ns.sascdn.com
1	ced-ns.sascdn.com	thetruedefender.com
1	a.disquscdn.com	thetruedefender.com
1	fonts.googleapis.com	xn--r1a.website
1	rtb.adpone.com	get.optad360.io
1	secure.gravatar.com	thetruedefender.com
1	cdn.jsdelivr.net	get.optad360.io
1	pixel.wp.com	thetruedefender.com
1	i0.wp.com	thetruedefender.com
1	cdn2.lockerdomecdn.com	thetruedefender.com
1	stats.wp.com	thetruedefender.com
1	clientcdn.pushengage.com	thetruedefender.com
1	www.googletagmanager.com	thetruedefender.com
1	cmp.optad360.io	thetruedefender.com
0	sync.adotmob.com Failed	ssum-sec.casalemedia.com
0	links.services.disqus.com Failed	c.disquscdn.com
443	115

This site contains links to these domains. Also see Links.

Domain
rumble.com
t.me
www.facebook.com
twitter.com
www.linkedin.com
www.tumblr.com
pinterest.com
reddit.com
vk.com
connect.ok.ru
getpocket.com
www.lifesitenews.com
pubmed.ncbi.nlm.nih.gov
www.vigiaccess.org
api.whatsapp.com
telegram.me
lockerdome.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-05` - `2022-01-04`	a year	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
jeeng.com Cloudflare Inc ECC CA-3	`2021-09-13` - `2022-09-12`	a year	crt.sh
*.pushengage.com Amazon	`2021-01-27` - `2022-02-24`	a year	crt.sh
*.lockerdomecdn.com Amazon	`2021-02-24` - `2022-03-25`	a year	crt.sh
xn--r1a.website R3	`2021-10-28` - `2022-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2021-09-27` - `2022-10-29`	a year	crt.sh
*.wp.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-05` - `2022-03-14`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-06` - `2022-02-16`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tlgr.org R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.telesco.pe Go Daddy Secure Certificate Authority - G2	`2020-03-10` - `2022-04-13`	2 years	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-12` - `2022-06-30`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.mediarithmics.com Gandi Standard SSL CA 2	`2021-02-17` - `2022-03-01`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-29` - `2022-08-29`	a year	crt.sh
*.wpcdn.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-14` - `2022-05-15`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-10`	a year	crt.sh

This page contains 70 frames:

Primary Page: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Frame ID: 5F592F41F7E3465BCC9695213E1B1C43
Requests: 143 HTTP requests in this frame

Frame: https://xn--r1a.website/s/TheTrueDefender
Frame ID: 0D6B0057338D3C2F7E26E8C13C066EA1
Requests: 43 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 15F2859964366B4A069DE26DF1082E89
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 827799B49FA5B3CE618336323AF8328C
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Frame ID: 0122D849ECF7046D98D11AB10E9DAD6A
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default
Frame ID: 156F941CBFD769B2F85482FDC07FDC53
Requests: 16 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: CB7D2B1D967B4E83FC50C4D00411129F
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 01EF8A20C7E94A79A34BCB1941211906
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: B983658F96AAED0A684032224C1B2291
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 5DCC6100D730DB500080878AA3F868F7
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com
Frame ID: B3537E8CED95E6D2FA8AD06826D314C9
Requests: 2 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22466229771115954545%22%2c%22adomain%22%3a%22johnreed.fitness%22%2c%22page%22%3a%221366485%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%229558186%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2267013%22%2c%22cid%22%3a%221010206%22%2c%22adid%22%3a%229558186%22%2c%22hash%22%3a%22-6598830072001205560%22%7d
Frame ID: F6F4C6D1A27980CEE5D4B5F8244BC90C
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvTjJJMk1EazROV1l0WmpNeE9TMDNaR1JsTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1MjIwNjg0MjI3NDQ5MDkzMDAvOTU1ODE4Ni85NDY0NjAyLzM5LzV2T0ZURm1NVEJpUUYxN1ZwVTRCb2lQTjdXLWpWMHlsa0ZnamxXYjdRT3cvMS8xMDAwLzAvMC8xNjkwMDgzLzMyNTcxNjY4NjgvMjI2NTg5LzEwMTAyMDYvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMTA0LzQyMDg0OS8wLzAvODUyMjA2ODQyMjc0NDkwOTMwMC96cmgvMC85OTk1Lzg3Lzk5OS8zMjIvMTk0LjM2LjEwOC4wLzAuMDAwLzE2MzU4ODk5NDAvMTYzNTkwMjU0MC8xMDAwLzIwNzkv/a6aQD_lExwp1eoDE5K6fv5P3KnA&nodeid=2629&group=zrh&auctionid=8522068422744909300&shardkey=8522068422744909300&sid=9464602&cid=9558186&price=0.236258&bp=a_cdgcfi&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.143
Frame ID: B941F184394556224970F6F733935729
Requests: 7 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=58733500250797203500432011766016&a=2ed0d314
Frame ID: E7395919DC76CD06A8EFFCA806236EF4
Requests: 12 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/169192/10431995/10431995.js?ADFassetID=10431995&bv=515
Frame ID: F1164A1D495885B33F836F8089C26A78
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3972436632CF7403BD313A4423054FE9
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: E65DF761FAE322CFC850EB08985E19C4
Requests: 5 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 7340D732658A8C9580C0082F25C29F82
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6418CD1D43C05866E01F829E2DCEB212
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 09535CE9E4BD95ADC1F783C90ECD9D35
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0CAB31606946A919A50FFAA9A76ADB9B
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 802095B33AF6D506B111AE7CA7EEFCF7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635889941104
Frame ID: 0BB52DE9642C64BD791D36257FD57F30
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: D0D6300DB60FAE386B31ACE0A1A6856C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 7EBCFECCF0438689318215AD21F6BEE9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: BE41DD2F9A39AE8D8A5873593783FCF2
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: C71CE4138E53FF2A537E4144C643F088
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: FEEDA64CA8BF17C525AFE78643DBD4D4
Requests: 12 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 18BF79979013D00EF99FEE7E50CB4E50
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C0718826D73BCA9F997AC755017459BF
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 691723F38C31F56DBF15DD250336E2C0
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: FC42F2291127E41F629395C07D0B15C3
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 064B3FB6EAE78459E8FBFC7F5656C923
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: B50A59E91E5454098BF3C2968980BDC7
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 0EC6360D14417EAF67B8463DC333A16E
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: FF78CB7222F2E9A8E9FFE10971D439E4
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: DC33CDC058BB2C11E0627C90796E4549
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: C5CE9297D8F4D1A0095B3E26BD4640B7
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: B1F84A49BD5D3A6060C75AE8CC374517
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 968854A783739B718361730198482A27
Requests: 12 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 31127896BEBAF2B2BB654F0C7EEFB283
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635889941038
Frame ID: 68B973F19369C8FDA339FC050D69A563
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635889941035
Frame ID: E48DC0CD708D9E34DB1F2A6B365FC31A
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&CACHEBUSTER=556578
Frame ID: 087748C6CEDAC5A4417C4AEEC402CAAC
Requests: 7 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&CACHEBUSTER=539532
Frame ID: 3742D78A4C42C5F0D70A7061B22C90D0
Requests: 7 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: A7A6261D406ACF3DF6D2144B62BB3636
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: D4E9AD82E0F8C72704644FD655C96680
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 170DA528B3751774B4A4E7D83C3E0176
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: CE98EB937DF1472453304F17E0F0839F
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 2B47AFB1FFE2A974D3B450700436DE60
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: B551638B8C946385761CA85E2C8EEE16
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 1EF43E0114E4E72CBF9D65B0FA32222F
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: B685E3AE7BF6F8C5AE08C81B334B44F0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 47A735AF341D01E88A848462F413997E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: F0067BCD628DF8C0117B74A3322FB4E7
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: A9105F283F1D70CA7B017DEBB327CE96
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 654A4DEC24FB9DF5F23769BBF5813BAF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: CE7D92D510D44102E233B95127E037A9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: F7478D91C7774E857B34020ED84DF4DF
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: B761D6A80184B56BCF08671C34927324
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 62BB7E9D4744A7D71EB56199BE3442FA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 583A8849A00BB13C959E05A8CEDBD37F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 510870E95CAAE96E58B26A975EB8A6C5
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 71FC8D2597004C8A1AD83924F6FC4767
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: FCF1D67B7CB5E630640649788B7FA663
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 01B648AAC37E3C9FAFDA36359D1DFA67
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: DADA5A5C22AC210EAB7F7332E2EB102D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 602BDA0720FD727680677F65EDC9AB44
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: E420BBA8B0913520333058778A422960
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: DE5CDF30AD0BC925E2E728F1C21DD130
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thousand Reports Confirmed The Abnormal Tumor Development After Taking The COVID Shots - The True Defender !

Page Statistics

443
Requests

77 %
HTTPS

25 %
IPv6

81
Domains

115
Subdomains

84
IPs

11
Countries

4323 kB
Transfer

8768 kB
Size

93
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://rumble.com/c/ConservativeMedia
Title: Rumble

Search URL Search Domain Scan URL

URL: https://t.me/TheTrueDefender
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&url=https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/&title=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/&name=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/&description=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&media=https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-16.png?fit=782%2C495&ssl=1
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/&title=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots
Title: Reddit

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Title: VKontakte

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/dk?st.cmd=WidgetSharePreview&st.shareUrl=https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/&description=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&media=https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-16.png?fit=782%2C495&ssl=1
Title: Odnoklassniki

Search URL Search Domain Scan URL

URL: https://getpocket.com/save?title=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&url=https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Title: Pocket

Search URL Search Domain Scan URL

URL: https://www.lifesitenews.com/news/thousands-report-developing-abnormal-tumors-following-covid-shots/
Title: lifesitenews.com

Search URL Search Domain Scan URL

URL: https://pubmed.ncbi.nlm.nih.gov/34707965/
Title: pubmed.ncbi.nlm.nih.gov

Search URL Search Domain Scan URL

URL: https://www.vigiaccess.org/
Title: vigiaccess.org

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots%20https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/&text=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots
Title: Telegram

Search URL Search Domain Scan URL

URL: https://lockerdome.com/roi
Title: Promoted

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 200

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 208

https://gum.criteo.com/sid/json?origin=publishertag&domain=thetruedefender.com&sn=ChromeSyncframe&so=0&topUrl=thetruedefender.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=y5HXgHxtLzh5amdZRUE5WWo5S2FvY0QreE1VbzNWYWVkT3BaNy9rV2t1Z1EzeFpOdEJNQjlZMHcxU0RCTGMxamc2L2JKQlZleHFzTGNFZmdPbTZwWGd1WjVHZVNiRHZ2b3AvbkJ3MDAyeDYxYXZzM0lYNDMzTStFRVZpaG9mT05GRXBJcHlLVDJTajlyZXhmcDIra29aNmtLUjN2YWVBOEpnckpuZ1krTkpubUR4bU9vVFZkSzljbHdpbDZPY01YdG1QQTFxenc1RFppcWVYUFdBbGNabUhNbVVKV3NsaDFjc0dRd0VwNjZBc1VjWXR6RmJzN0w0MXVyWUVZZlpTOFFhR2dJZ2ZkdXpINFVwNHI0eUUxK1liK3VnZz09fA&cppv=2

Request Chain 215

https://hal900016.redintelligence.net/request.php?zone=7vw59adviql2&nw=20&renderingType=javascript&namespace=3755b04aae&subid=&uid=83f09655ef0a7330&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Asas&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8522068422744909300%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26mt_cid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26redirect%3D&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&random=6398875256767&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900016.redintelligence.net/request.php?zone=7vw59adviql2&nw=20&renderingType=javascript&namespace=3755b04aae&subid=&uid=83f09655ef0a7330&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Asas&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8522068422744909300%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26mt_cid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26redirect%3D&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&random=6398875256767&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 242

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=CfSqJ3xmQ2cyalNDVWVxaTB6WmsyRVhyaUdrZ0VReDBncHF2Zk11bjc5dXJ2RURrR1ZDMWo0a1F1UEl5TEV0MWhGVmZyb2toM3gwOU9GU1hzeDFTZVMzOW5IYWlYU0FBdFozVkR6Tk9JUlNheU53UFdIQXNYWDFBa3E2eTNyaFIwbEhaMEV4emVzZmVHRks3cnkxM3ZsNkRFUXZ6c0tKZ0ZEcWYzcU91a3pIU2VoSjF2RUd0VzJDaWlGdXdLQnY1SUVqb1hnbXNGaEo3R24wbVZSd3dPTWhESzk1c21Ud1l1ZWYvTktsWVo2RjgzK2JleERHTlNWbXh3a3BoTWc2WFd4am1CRVA4NXUxbXFIcS9CL2FjUmhLVEk0Smw4Q1Q1OGQ2d2Q3WjVBaVQrRlR2ST18&cppv=2

Request Chain 273

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7026093813632268437&gdpr=0&gdpr_consent=

Request Chain 274

https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=37cd6181-b315-4a01-9dc4-5b657bf75408&gdpr=0&gdpr_consent=

Request Chain 276

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cf40501b-bda5-419d-aa55-d5c5593146ff&gdpr=0&gdpr_consent=

Request Chain 282

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b3b0198e-6501-408d-b08a-a55ff055dce3 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b3b0198e-6501-408d-b08a-a55ff055dce3 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=c2f1760c-f2fd-48c2-aaba-8eac511ce7ce&ssp=between&expires=30&user_group=5&bsw_param=b3b0198e-6501-408d-b08a-a55ff055dce3 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3

Request Chain 283

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=8eZzOFdEKI4.AikABlF84qOWug

Request Chain 284

https://sync.bumlam.com/?src=bw1&uid=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiY5oaMBlIFvp7KygpiJDZmMmNmZWYwLThmOWYtNTEzMy04MjZhLTU0ZTVlM2ViZTdmMQ** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiY5oaMBlIFvp7KygpiJDZmMmNmZWYwLThmOWYtNTEzMy04MjZhLTU0ZTVlM2ViZTdmMaIBECm358w8JxHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiY5oaMBmIkNmYyY2ZlZjAtOGY5Zi01MTMzLTgyNmEtNTRlNWUzZWJlN2YxogEQKbfnzDwnEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiY5oaMBmIkNmYyY2ZlZjAtOGY5Zi01MTMzLTgyNmEtNTRlNWUzZWJlN2YxogEQKbfnzDwnEeym6QAlkMgkNw** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=29b7e7cc-3c27-11ec-a6e9-002590c82437

Request Chain 285

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=4f681b0473f12007d534bb6d

Request Chain 289

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://px.adhigh.net/p/cm/bsw?u=b3b0198e-6501-408d-b08a-a55ff055dce3&bidswitch_ssp_id=between HTTP 302
https://px.adhigh.net/p/cm/bsw?u=b3b0198e-6501-408d-b08a-a55ff055dce3&bidswitch_ssp_id=between&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=8eZzOFdEKI4.AikABlF84qOWug&expires=30&ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3

Request Chain 290

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=8eZzOFdEKI4.AikABlF84qOWug

Request Chain 291

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=4f681b0473f12007d534bb6d

Request Chain 292

https://sync.bumlam.com/?src=bw1&uid=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiY5oaMBlIFvp7KygpiJDZmMmNmZWYwLThmOWYtNTEzMy04MjZhLTU0ZTVlM2ViZTdmMQ** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiY5oaMBlIFvp7KygpiJDZmMmNmZWYwLThmOWYtNTEzMy04MjZhLTU0ZTVlM2ViZTdmMaIBECm36248JxHshuAAJZDAZHw* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhiY5oaMBlIFvp7KygpiJDZmMmNmZWYwLThmOWYtNTEzMy04MjZhLTU0ZTVlM2ViZTdmMaIBECm358w8JxHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiY5oaMBmIkNmYyY2ZlZjAtOGY5Zi01MTMzLTgyNmEtNTRlNWUzZWJlN2YxogEQKbfnzDwnEeym6QAlkMgkNw** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=29b7e7cc-3c27-11ec-a6e9-002590c82437

Request Chain 300

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A

Request Chain 301

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 303

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873

Request Chain 304

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=7b6f1b2a-96f2-440d-9c1d-15a0c45be396

Request Chain 305

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873

Request Chain 306

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3896099349 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3896099349 HTTP 302
https://sync.1rx.io/usersync/tradedesk/8e1782ca-b848-417c-ad73-a00de8522d67 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c63a55e-01af-4095-8f3e-422e69994212-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003

Request Chain 307

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a

Request Chain 308

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d

Request Chain 310

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d35b0059-5249-4829-8009-5a42a0d432e8

Request Chain 311

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d

Request Chain 314

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873

Request Chain 315

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=16b5ddd5-bf55-4400-9fa1-76f739143ba1

Request Chain 316

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A

Request Chain 317

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 318

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873

Request Chain 319

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=66a89f12-5ab4-4ea4-9d80-ca26f2f8e17c

Request Chain 320

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3763736074 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3763736074 HTTP 302
https://sync.1rx.io/usersync/tradedesk/93fd85dc-2c35-4966-93ea-5d3eceb7b5bf HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003

Request Chain 321

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a

Request Chain 323

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873

Request Chain 324

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=a5ff3dc6-2a08-4586-be02-ea734b6beae7

Request Chain 325

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O3m5wj9E2uHn_FTl_.RYCZ5qlpYLvwjKWVyRXLk-~A

Request Chain 326

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 328

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873

Request Chain 329

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a6a8c8f9-fbbb-448a-9767-2fb4e4304e4d

Request Chain 330

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5381084455 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5381084455 HTTP 302
https://sync.1rx.io/usersync/tradedesk/8e1782ca-b848-417c-ad73-a00de8522d67 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c63a55e-01af-4095-8f3e-422e69994212-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003

Request Chain 331

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a

Request Chain 332

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d

Request Chain 333

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873

Request Chain 334

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2471066311 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2471066311 HTTP 302
https://sync.1rx.io/usersync/tradedesk/8e1782ca-b848-417c-ad73-a00de8522d67 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c63a55e-01af-4095-8f3e-422e69994212-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003

Request Chain 335

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O3m5wj9E2uHn_FTl_.RYCZ5qlpYLvwjKWVyRXLk-~A

Request Chain 336

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a

Request Chain 337

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d

Request Chain 340

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=52a65a48-07dd-4860-aee8-feed68a02d00

Request Chain 341

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 342

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873

Request Chain 343

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=10fb9827-5f20-41d7-89f8-e79dcddf43f2

Request Chain 344

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873

Request Chain 345

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=215445d3-723f-49fe-ada4-e2eccd961635

Request Chain 346

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873

Request Chain 347

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6464052314 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6464052314 HTTP 302
https://sync.1rx.io/usersync/tradedesk/8e1782ca-b848-417c-ad73-a00de8522d67 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c63a55e-01af-4095-8f3e-422e69994212-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003

Request Chain 348

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A

Request Chain 349

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a

Request Chain 350

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d

Request Chain 353

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d35b0059-5249-4829-8009-5a42a0d432e8

Request Chain 356

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 360

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 363

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 367

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 371

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 375

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b3b0198e-6501-408d-b08a-a55ff055dce3 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b3b0198e-6501-408d-b08a-a55ff055dce3 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=54c7b7f3-56da-40c6-9cf0-efe7264e8a85&user_group=1&ssp=between&bsw_param=b3b0198e-6501-408d-b08a-a55ff055dce3 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3

Request Chain 378

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYGzGH0WI6VfETmpxXDmIAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENY5djT9SxUk-0M-0wcsZDs&google_cver=1&gdpr=1

Request Chain 379

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&dcc=t

Request Chain 380

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHcetweNtLp9-n28pUyY0PE&google_cver=1

Request Chain 381

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 384

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329519424007597

Request Chain 387

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYGzGH0WI6VfETmpxXDmIQAABHQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYGzGH0WI6VfETmpxXDmIQAABHQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJcDqfOvg64traUZd3jRrrE&google_cver=1

Request Chain 388

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIQAABHQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIQAABHQAAAAB&dcc=t

Request Chain 389

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYGzGH0WI6VfETmpxXDmIAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExllE-QwWxUuQKAbEe-vNw&google_cver=1&gdpr=1

Request Chain 390

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 391

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eb1525da-ce4b-4f05-bb20-917f6edff842&expiration=1667425944

Request Chain 393

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=LjL7vXow8rQ1NPS-fGHu7Swz9b01M_DqLWfEA1i2

Request Chain 396

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYGzGAGhWkIV76meDNGawwAABG0AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYGzGAGhWkIV76meDNGawwAABG0AAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHy7tXV_lT_M7G9XwutFroE&google_cver=1

Request Chain 397

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGawwAABG0AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGawwAABG0AAAAB&dcc=t

Request Chain 398

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYGzGH0WI6VfETmpxXDmIAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBH0YBgm4VkT0CrOH5b42PM&google_cver=1&gdpr=1

Request Chain 399

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6891763441790670284&uid=Q6891763441790670284&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 401

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196420304977629

Request Chain 405

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGaxAAABFgAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGaxAAABFgAAAIB&dcc=t

Request Chain 406

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYGzGH0WI6VfETmpxXDmIAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENUN-zkS_eL_KL_vNyTKWCI&google_cver=1&gdpr=1

Request Chain 407

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYGzGAGhWkIV76meDNGaxAAABFgAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYGzGAGhWkIV76meDNGaxAAABFgAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMjUZ4hGCjtM38iqIjxO4fw&google_cver=1

Request Chain 410

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5e8a6c59-88ae-442b-b04a-fda42cd41901&expiration=1667425944

Request Chain 411

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGep07DA2YAADfHDtoCIw&expiration=1637099544&gdpr=1

Request Chain 414

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELsl3wwjCT12mzuiJw0M9wQ&google_cver=1

Request Chain 415

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&dcc=t

Request Chain 416

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYGzGH0WI6VfETmpxXDmIAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExllE-QwWxUuQKAbEe-vNw&google_cver=1&gdpr=1

Request Chain 418

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=-HyROqx-mDPjep46-n2Eb_p5yDjjLp1uq32LAl-B

Request Chain 419

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=37cd6181-b315-4a01-9dc4-5b657bf75408&gdpr=1&gdpr_consent=

Request Chain 420

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6891763441104115118&uid=Q6891763441104115118&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 422

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&ssp=between&expires=30&user_group=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3

Request Chain 423

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=29b7e7cc-3c27-11ec-a6e9-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=29b7e7cc-3c27-11ec-a6e9-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=sQpS2PVExjmTQuae6WvEaQ& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata&google_gid=CAESECKJRW5xbSWrR8u78hOf-E8&google_cver=1

Request Chain 424

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=29b7e7cc-3c27-11ec-a6e9-002590c82437 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=sQpS2PVExjmTQuae6WvEaQ& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata&google_gid=CAESECKJRW5xbSWrR8u78hOf-E8&google_cver=1

Request Chain 425

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 426

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 431

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/539532 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/539532

Request Chain 432

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/556578 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/556578

Request Chain 438

https://x.bidswitch.net/sync?dsp_id=429&user_id=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&expires=60 HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3

Request Chain 439

https://x.bidswitch.net/sync?dsp_id=429&user_id=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&expires=60 HTTP 302
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=b3b0198e-6501-408d-b08a-a55ff055dce3&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

Request Chain 443

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1?redir-setuniq=1

Request Chain 444

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1?redir-setuniq=1

443 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/ 217 KB
28 KB 979ms
925ms Document
text/html 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f5e0bca8b78f9db4a052ac6e5636911334ba2a9cd260f643c1f51a9fbcfd68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6a8096d46e0f3746-MXP
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://thetruedefender.com/wp-json/>; rel="https://api.w.org/", <https://thetruedefender.com/wp-json/wp/v2/posts/34670>; rel="alternate"; type="application/json", <https://thetruedefender.com/?p=34670>; rel=shortlink
vary: Accept-Encoding,User-Agent
cf-cache-status: BYPASS
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
cf-railgun: direct (starting new WAN connection)
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
x-pingback: https://thetruedefender.com/xmlrpc.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLNpOOmbW7%2Br7v7rgxiu8qN72bs%2FqeMhuTtni%2FRWsOEpVw5NYd7Bk73O2r%2BbON1%2FRUf9%2BK%2BX4oyw0TS8cjqlSZd8b%2FolCSwKQqSAjRNgswPMxAAJJNng4RwYkDEvy5aH6xTOHUY3MfFg23d8%2FAFeziQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2 200 f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js Show response
cmp.optad360.io/items/ 2 B
359 B 217ms
9ms Script
application/javascript 2600:9000:206f:a600:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:44:02 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Thu, 28 Oct 2021 09:48:14 GMT
server: AmazonS3
age: 498
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2
x-amz-cf-id: 7BCqHy6ii23H71OsMu-n-iPYrF2fys0aamQYi42qHf3Nz25M8lcGTw==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/ 390 KB
91 KB 80ms
18ms Script
application/javascript 2600:9000:206f:ec00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ec00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c5ad9508977fa9a8685857181c93948a27aa92116e4801d95f3238c82075bd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:44:02 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 07:46:40 GMT
server: AmazonS3
age: 498
etag: W/"f6f0cf22d944c20b2a1f8454ca42afe4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 3ygUmrHU6ZGSiou4LPW844ix-5tF7j6pezngVperGXhh6MAKR31AMw==

GET
H2 200 this.png
thetruedefender.com/wp-content/uploads/2021/01/ 19 KB
19 KB 33ms
33ms Image
image/png 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thetruedefender.com/wp-content/uploads/2021/01/this.png
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1582
cf-polished: origSize=21749
content-length: 19502
last-modified: Tue, 05 Jan 2021 23:49:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tI7no9whE6v8JEkJhCP%2FIKdhs3VrT1EDx2kUbG3TRpQwZqnLs3pVnUhgefuitplX6b3EE%2BQyXjX9jjGCU1hQhEb182QRiGFiw2lfOhjrzcZOylroCKpsFzK9softrC9omyOavoZOSHOe8mIkbEjoQzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a8096db18993746-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Untitled-16.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 213 KB
214 KB 31ms
8ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-16.png?resize=780%2C470&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

5694190f33aafaf67bee0056ee8532facda90c590ad0cc5c980a06c69f3a035d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 02 Nov 2021 21:52:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 16:38:46 GMT
server: nginx
etag: "dd738fd73c9facdf"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/11/Untitled-16.png>; rel="canonical"
content-length: 218362
expires: Fri, 03 Nov 2023 04:38:46 GMT

GET
H2 200 tielabs-fonticon.woff
thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
40 KB 44ms
41ms Font
font/woff 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 317
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xm5fgLFRFA4XLf0EM5m7uxlvwOW14MdEvuhSjNt%2Fa6ybNJ7HOyeZdNZ%2FZzNftiSj4tHirjU7DEBMcw5NqJ4zPS8FAad4xr8gxJDFKH%2B8Fbs%2BEPMu0ZGESvIuTATkQ3xmmZUmKFU2KRek56L4xQLuMB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da5edd3746-MXP

GET
H2 200 fa-solid-900.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 78 KB
78 KB 45ms
43ms Font
font/woff2 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 317
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTTIueecrWV52n1ORdK0vczItp1u7xLSbdbqyTgpRPwoiS7qPy%2FBnKfPDR0W075xcyHx02MPFHAOdEVYCH6VhY6O%2BO8z7RjwtFbJQEIyNDvCxUXv2PBANW7RtRmuUOEaK7k0lW5CSEDA%2BdVHHUMh74E%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da5ee13746-MXP

GET
H2 200 fa-brands-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 75 KB
75 KB 29ms
26ms Font
font/woff2 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 317
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BD0Af9CYr40kcWGwQ7TMowbdX69BGck1ZRMuB40B7fQUbXTwTUdFenSuVcKZ8Ii7A6%2BRuaGoDZWb%2FdA8%2F%2FmNJAmgD%2BpUfT0yvBKTnW5I4qN%2BbZP42Ciug1jafnhezbSrB4oiwRBPM3iwhijq2m82o9U%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da5ee33746-MXP

GET
H2 200 fa-regular-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 13 KB
14 KB 45ms
42ms Font
font/woff2 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 317
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FUudHt4KBdVCXsTFmAxDihyg%2BZRU4HqG48QEpDpSHjvnxPc%2BQ3D0q8BwHIH6MLstrBWAzHEtw2BZgE0b1pLAN4CvOYTaDteNJBPzVnipAKbBFD4F0M433dFQOS4woafFgXYUgpr2y6abI1PRjAtfqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da5ee53746-MXP

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 68ms
28ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-186892928-1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

114cec4e4207abfdc3fc0fb6505d2ce91d37b2da7d728313d145e2713d2112c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35809
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 02 Nov 2021 21:52:19 GMT

GET
H2 200 frontend.min.css
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ 7 KB
1 KB 44ms
42ms Stylesheet
text/css 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=6.6.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 22:03:52 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87i3ClzIuGtt9lPERKFy1JyY3ydkqA9ARaNBvuEtjqZi%2FR20oBnp1q86G7jSaWB9JXGbl7tJlKLO26gn8WANeq84vA1H7C4rR4Dty76hVY5n0XJLc5vVCYCVM1I1rn9vhjbqlCalSlo5Im8KWKHLDxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da5ee63746-MXP

GET
H2 200 base.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 41 KB
9 KB 44ms
41ms Stylesheet
text/css 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hu536ggGkj8%2Bdsz%2BH%2FL2rlcLS65mQhRwg0nURrmFdjXhJp8m7h%2Ft0L0XqhdqS2RRtpXx0TsLhW%2BSeS3j%2FAGi%2Frk01MJkeNhAnp9lw2JUk7RBjlsh%2Fr%2FDWEMCfsLPa56dSRCGtGqeg1HRgEBgEAAYh5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da5ee73746-MXP

GET
H2 200 style.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 171 KB
30 KB 45ms
43ms Stylesheet
text/css 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiBm%2BtZToTjwbeMydJxt8qV2NcTabGkhf%2BXVYZ5%2BWXfV88hIx%2BJ3oixpDmBActUsetaUhBszA2fbI0uaf%2F%2BljlyQVbUkWvwSQwQ3eydH8kO5pcacJjL%2BH59wz25hR%2B5LK9ncKIr6LaV3%2B3BfgbJKNYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da5eea3746-MXP

GET
H2 200 widgets.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 53 KB
10 KB 46ms
44ms Stylesheet
text/css 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ii%2FZbrEEmJjeGGZSaaO4Q0BCw08FQGymXPDPFMfG94TDNhP41mOv1KV3ZysaIkLrDvboPq3u1ogLxiM0TSL9DXJ9zZKiRFWtfWvm19t36BlFV30fN%2Fjr4lh3LIUiewAOuu2bz%2F57uivVAwoIrfbZRns%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da5eeb3746-MXP

GET
H2 200 helpers.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 15 KB
4 KB 44ms
43ms Stylesheet
text/css 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is4Li4Pp7inhZZB1kollQJjDdlzRrbg6IAduY5zubsSJq1FqoOzjyfQf%2F0Ix7eXhp9XcZgmGon1bBVDXJa1HaWedb83MhNkVMsTTn05rHkwUtLQOuVL51dThynMqEM3qWsKJCJjfAsHnkj1F664mEdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da5eed3746-MXP

GET
H2 200 fontawesome.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 57 KB
13 KB 42ms
41ms Stylesheet
text/css 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
cf-polished: origSize=58662
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cccqbOEFYBlJtTWncPm9RqxHldNoSnFAZsOf3zPCLbXNCoulFPcbTpaLTcqZYFUw5tk58S6cxHqtgVrgVn43BoMlIiei0tg%2BFi0fQeSor70iczITE70jpOElxUhxnh%2BdhCDawzF040p8pJd8U4rervA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da5ef03746-MXP
cf-bgj: minify

GET
H2 200 skin.css
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 10 KB
2 KB 45ms
43ms Stylesheet
text/css 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
cf-polished: origSize=12018
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVv%2BdEJVq1jEtNw0WWtUlvM6KKPw%2Bz05%2FAxmLTt5%2BuyW4j1aTMxBwtEOtzsfkoJBXfP5WlRUjz42Ah1%2BRsJxcPeIdbbWclofvcWQME%2F4yXJE1fuFNGLJkjX%2F95bziJWAEOxCH81dEjyYiHXM3t0jiZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da6efd3746-MXP
cf-bgj: minify

GET
H2 200 shortcodes.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/ 11 KB
3 KB 44ms
42ms Stylesheet
text/css 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiDMyHPX%2FCOMgVKbrb4U31AoDcYxVGVRtDuYFFOuAEHTXPE94gHlPglqZf0rXpVeyIpleZM31bWM9HUOT%2FKiAChECaUhnHFl7%2FqaB9vxKUDdgqEP5ygGg0sycKVAUqFPOOo63%2BEqua89cCzZbecbny8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da6efe3746-MXP

GET
H2 200 single.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 40 KB
8 KB 44ms
43ms Stylesheet
text/css 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfYfQJAL0lwHGTvsXJThJNakYke81dL4zHl0Wr9UzeumNGNGjZAF0mY6qTnUZnCHI2rBpQWtN0P7GUO6q5CR5AfxIP4%2BLR076Z564YfqMf6KkuFbdfle6%2Bosv5lKLnaBu9onLcxN%2FjbXwswqPCkSxr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096da6f003746-MXP

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 60ms
18ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186892928-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 6673
date: Tue, 02 Nov 2021 20:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 02 Nov 2021 22:01:06 GMT

GET
H2 200 wp-emoji-release.min.js Show response
thetruedefender.com/wp-includes/js/ 18 KB
5 KB 59ms
57ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 12:55:33 GMT
server: cloudflare
age: 1581
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wa492fa5vy49qwiN1sdfJjVdJ2XCFsvtm5ua27py8xqWEacqQ72wRTaORvoyPuWEo5FAYI0P3v5nY%2Bq%2BSHBZ4JGuVdSTUD69IAObENTXhXtkgnovGwXXFwVfw6%2BNoUTPwBgTBuwDolp0d58f8uemQDM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db79ab3746-MXP

GET
H2 200 print.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 2 KB
970 B 53ms
51ms Stylesheet
text/css 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/print.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1581
cf-polished: origSize=2175
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUAWIXLDYtaqgnriLOjF9otGMtioHn7%2Fvy0w8kkGxiEBRmANNB0VH37FwFyoCw5eAJBeOaCooz9Yaoy8t5thWYZq8qbABz0Lj47YGWz0yz1tkjSxNJ2Ku4dslEkZvxKM3mDxGhHeQ%2BUmJQwzBj5S34k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db79ae3746-MXP
cf-bgj: minify

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/9.5.3/css/ 75 KB
13 KB 29ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.5.3/css/jetpack.css

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 16:08:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 02 Nov 2022 21:52:19 GMT

GET
H2 200 frontend-gtag.min.js Show response
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 9 KB
3 KB 33ms
32ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.6.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 22:03:52 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2B2tAwYRa7YWhZcRblw5xAdWkM75n19R%2BkasiUnETy%2BbaKMjDAejRkRjkH4gKMVdQrYGe0YVTxlDIUAzLl84%2FSYRrN%2BCwp8rjlXG%2BiKcokO2z56dLJjTK59AxS%2BVDupxadmJ%2F119%2FeI4A3tmzmMig%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db189c3746-MXP

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 87 KB
30 KB 29ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 02 Nov 2022 21:52:19 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 11 KB
4 KB 29ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 02 Nov 2022 21:52:19 GMT

GET
H2 200 frontend.js Show response
thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/ 439 B
594 B 25ms
25ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/frontend.js?ver=1.2.3
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Jun 2021 12:31:13 GMT
server: cloudflare
age: 1582
cf-polished: origSize=1539
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BUIjRIAmUDBOVFJy7uf39eVjeZ8eVZ82%2Bu9ypbMxFELwDIP7echZvSy3zb9F3%2F9jyQ4DAHqxBF1yb2Ie0derYQpZyLYA7cMREUNjI7dCqdy5ELGwnFffnIofeB3LxwnEnbZ08usCvuTfMFTa9jMQE0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db189d3746-MXP
cf-bgj: minify

GET
H2 200 jquery.form.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 16 KB
6 KB 38ms
16ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.form.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:53:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 02 Nov 2022 21:52:19 GMT

GET
H2 200 just-contact-form-ajax-script.js Show response
thetruedefender.com/wp-content/plugins/just-contact-form/js/ 388 B
503 B 26ms
26ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/just-contact-form/js/just-contact-form-ajax-script.js?ver=5.8.1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Nov 2020 12:53:32 GMT
server: cloudflare
age: 1582
cf-polished: origSize=463
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tdm3mLYomsHLX7hjq6VakwNN3SP1lp99FXvCVEJW3twtmQsA%2B7eIm1PGUwahkC3Vo6km9RlnWZuLVisDyvgVQTH2JcnmlnSo4VkV%2FmZeP%2Fjv2EtrxYDCFj8YRR3h%2Fc0F68NfXEkN%2B9P8M9zgFbUlmgo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db189e3746-MXP
cf-bgj: minify

GET
H2 200 / Show response
users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/ 355 KB
118 KB 101ms
49ms Script
text/javascript 2606:4700:10::6816:38ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cbf109b38f079870b1f9035e2b44e2ea38d2b65b4a900a68c1cae0103285ab33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 2519
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: *
server: cloudflare
etag: W/"58a7e-yyWsOcYbvZyaQUZDAYpUXENT2dg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 4e78864de8e88865aeedd2f9849556b6.cloudfront.net (CloudFront)
x-cloud-trace-context: e98e90f427a1664303df38d815988074
cache-control: max-age=3600
x-amz-cf-pop: MXP63-P3
cf-ray: 6a8096dbcd7ce8fb-MXP
x-amz-cf-id: JfBFru8Mn-MqQnZXvMf8DcyV9RJmwfd6sACCxHqaaHD5h6r2_IyZNg==

GET
H2 200 email-decode.min.js Show response
thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 22ms
21ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 12:26:29 GMT
server: cloudflare
etag: W/"616eb975-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPimO3oU0ch9jZp461fvhPf%2FucUe2uWVOlJKeuF4dyJzJLM%2FoqLXkgf5AVdIHsCcanbasvEQJIfwuVP74VJZIChw3pT60HnoFzn0k12ITdvKsOPLms8LcitP78wY7ygODsmiDI57xo2GPYOnDrenuxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db594a3746-MXP
vary: Accept-Encoding
expires: Thu, 04 Nov 2021 21:52:19 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/9.5.3/_inc/build/photon/ 758 B
425 B 9ms
5ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.5.3/_inc/build/photon/photon.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 02 Nov 2022 21:52:19 GMT

GET
H2 200 comment_count.js Show response
thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/ 708 B
710 B 35ms
31ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 12:35:35 GMT
server: cloudflare
age: 1582
cf-polished: origSize=889
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72EXu%2B3nELDbT7HNUsg7VYfoYZhsaqQynyf8Z%2Fo5EC6grvlusR7Sa%2Fm8JaSbBvSxpylCjQ2lBlYdVAZDt%2FuZdyQQicbNVLA6d%2FJh7n0SGCZkJEbp14eGPnyrmPnZW0AyuHArTkyIZ0iY%2BZUMtOYwmSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db79913746-MXP
cf-bgj: minify

GET
H2 200 comment_embed.js Show response
thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/ 878 B
640 B 41ms
37ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 12:35:35 GMT
server: cloudflare
age: 1582
cf-polished: origSize=1232
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Lo3Ls19gnXeJnc4KrRBd0TJrDhy8ghYzIwiq9cvJG5IycFZmxqH%2BgkJ8WygvpAfs6zvayQIF8x8Ork0xr7EEVc%2FjCx9OWQMe71o1VRLn0hI%2BM9a%2FNQtAtMG3TqPSlS34mdX4BDnaH1fEAbfCHX3IRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db79953746-MXP
cf-bgj: minify

GET
H2 200 6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js Show response
clientcdn.pushengage.com/core/ 76 KB
19 KB 43ms
8ms Script
application/javascript 13.35.253.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js?ver=5.8.1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-117.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 94fe45377e314459bbf1b01708c6d27fd0f5045a586976a9882535fdebea47c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:50:37 GMT
content-encoding: gzip
server: nginx
age: 102
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: r-MzOscwppu3nJX02ifkdFkZYGrTx9On7k3LvPdlNX9aJPHGxttj8w==
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)

GET
H2 200 intersectionobserver-polyfill.min.js Show response
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 8 KB
3 KB 36ms
32ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Jun 2021 12:23:44 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEAxUv6naMHbjvSbelemjLTaCF1lCQG%2F8vvKGbl2Go6VsJn4c8ulPpxZnFMq8VXdovDiZGRlMOpwoNJGZ5jFLCHXth6dk%2FwcGTWKbg8awzphAzmWW%2FsAY7Q9uO%2BEKP9JlFwdrJySw7GKifW7jAcGxQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db79963746-MXP

GET
H2 200 lazy-images.min.js Show response
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 3 KB
2 KB 35ms
31ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Jun 2021 12:23:44 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7XjQdXYaqLZhjuVCcl9%2Bp%2FF0XndxKWf1YebvfHtFI9RuxBUomA74KNUo4UC1WKsHrsU6i08X6iRdvq2GboGIIqRIARD219GqstLqEDFePg1%2FqP6Ca6YswXj8QoBi5wn%2Fi3Ay%2B0Fi8kwv70ot73A%2FjI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db79973746-MXP

GET
H2 200 scripts.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 22 KB
7 KB 39ms
35ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuDroRnwwY%2FxJxMMOXj3QPgCt5xPduvkwwxCC6sZwNBS8aGsLW2Ng9zPICoZndUl8Y96Q6nw1oYwF9YJlNiOVNN5aemEEYMlDicHPDk3%2BgOQv6ZU9fe9%2BS%2FJSZtdmqMtp9AiVOP5N4WmakqGt2UHPBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db79993746-MXP

GET
H2 200 lightbox.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/ 79 KB
25 KB 37ms
33ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
cf-polished: origSize=81423
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLuEZFEwkSqejtI%2FEvOuoBuLnEyurnxDsoe%2FTj8AhbMP6C8QG9FthFqFcPXT4%2B1ivJZ6mUUkASXQ3JAIKK5XNRSREt3BnnddZm%2B4TPcRH6g7M6oIcaeJFeP5%2Bc3l47skgScIRkIxNx1IAk5mEqeYHZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db799a3746-MXP
cf-bgj: minify

GET
H2 200 sliders.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 48 KB
12 KB 41ms
38ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AId%2F0UMjNyu%2FpVoCocV84dqtTL11%2BdM9QNuZ9jCkL8ADH4IxrRq2iV4mx18GM7WdJhLY00n%2FNu99g%2FrqFOulIPN8aTF%2F%2BS3g5f0YcmU0R0hudXx0AsJA7TqZOLTyhxH24u%2BiiaNhyp2Y5hW0rmS0NqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db799c3746-MXP

GET
H2 200 shortcodes.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 10 KB
4 KB 40ms
36ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
cf-polished: origSize=11181
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pybs76u5la89kKwClEUoDkkSXcbYq2kURQUJFVWP5qEI%2BE%2BzEc6EeJy3Ok39oC73RrgwcQX%2FLOQfPdELn6Hg4fNamsgr5iFaZvu5XOAdNgTQYz2AJLs2dCfRVodUqlEbOzrNuzDrkg4s9C%2Bm6QFPNhE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db799e3746-MXP
cf-bgj: minify

GET
H2 200 desktop.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 16 KB
6 KB 80ms
76ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1432
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PR1rXMSDMnmP8d5HaEdTpfp1C9nqG4cyXb2ifO6rQIxklYTPdqevgT6b24F6RunYKKIlRpBzKbv4wZFoinvMg%2FqN%2BPzAIc%2B9wtgsq3U1dLj%2BJ6sQQsytpsaKk5RVVLTOWASekULT24YRh%2F0qEg4ADDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db799f3746-MXP

GET
H2 200 live-search.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 14 KB
5 KB 39ms
36ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1432
cf-polished: origSize=14601
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pq4z%2BJQ%2BWeqCK49di%2Fjt%2BAaMKM4wJxaBI7YhvarC%2FI%2FKwF94i9%2FCviYAWh80S3mAGB8AWcQpcRd3NXplhV1JapJArVz%2BV6jMGR7jqQUE4Ar6WOA9wx5xgUNdRESzsVRt0G6E%2FA%2B3GRjdSW%2BEaSTpvJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db79a13746-MXP
cf-bgj: minify

GET
H2 200 single.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 55ms
52ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBB8DyRJqRNuDv63QPumGCxh8z9ArhZq%2BnEGU4JOb0tumg1q1%2FAK%2B8wK3nnM0jtc647Sw9WWwwRafydTSrLKsdGBfCh1kt9QGiVRkXJzWWacOsutT957zGMvtwjU9TSJM0ccLvGV4mEcfyi3ftfgiD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db79a33746-MXP

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/ 3 KB
1 KB 10ms
7ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/comment-reply.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 02 Nov 2022 21:52:19 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/ 1 KB
719 B 10ms
8ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/wp-embed.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 02 Nov 2022 21:52:19 GMT

GET
H2 200 br-news.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 59ms
56ms Script
application/javascript 2606:4700:20::ac43:4551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 1582
cf-polished: origSize=5594
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4odDR0ATDq0ODYI0XW8%2F6xHuqxS9%2BTipEPtqIvPcd9unea6E7gFT2Fbx5xRtbTYkzWksGzrcj5OKvOvoRJ05tGqdEMSsjuWOH0XHAPNJOadY%2F3U96Jb%2BECxBI9LLSEZMgFtV63eGQo%2Bw0j9TkhJVsGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a8096db79a83746-MXP
cf-bgj: minify

GET
H2 200 e-202144.js Show response
stats.wp.com/ 9 KB
3 KB 29ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202144.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 24 Oct 2022 05:44:33 GMT

GET
H2 200 thetruedefender_thetruedefender_sticky.js Show response
cdn1.lockerdomecdn.com/embeds/ 1020 B
1 KB 213ms
9ms Script
application/javascript 2600:9000:2057:2400:b:6268:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 5SJgwcOSQVDADRfSedXeHumqp.bTbaay
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 16:39:44 GMT
server: AmazonS3
age: 59517
etag: "5bc9056f1e2006913082934b4e7f8720"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 02 Nov 2021 05:20:23 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 1020
x-amz-cf-id: M1W4yKcNhDd4qKi0LS2lxda9udgjXbpYjZNNEaJ5UeTyaQBMZIdCdA==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 108ms
7ms Script
application/javascript 2600:9000:206f:a000:a:cbb7:a940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 02:03:30 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 19:55:37 GMT
age: 71329
etag: W/"14f4-17ccd9f3bff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: Z_Qmji2eJCpfhLOp0H9-Yo2XxvWrttgSxzXYOarHtvQWk1F1z3zkfA==

GET
H/1.1 200
OK TheTrueDefender Show response
xn--r1a.website/s/ Frame 0D6B 106 KB
17 KB 216ms
50ms Document
text/html 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--r1a.website/s/TheTrueDefender

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

2112007d6e205ff60a7967796907853e3129f1f7cb6eab9f6b023da7ec1e9534

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Server: nginx
Date: Tue, 02 Nov 2021 21:52:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Cache-control: no-store
Strict-Transport-Security: max-age=35768000
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H2 200 Untitled-15.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 63 KB
63 KB 25ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-15.png?resize=390%2C220&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

36d290f9d96e9e54061a31c2a9efc26e0fbab8ed60861393f9554cd509003a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 02 Nov 2021 21:52:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 16:39:41 GMT
server: nginx
etag: "ef3b37ae310c949b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/11/Untitled-15.png>; rel="canonical"
content-length: 64186
expires: Fri, 03 Nov 2023 04:39:41 GMT

GET
H2 200 Untitled-17.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 97 KB
97 KB 43ms
35ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-17.png?resize=390%2C220&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

841fc3b8f3bfa44fe3cde19cb624fa583e340a2674d1c665be8550aa673ed98c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 02 Nov 2021 21:52:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:24:51 GMT
server: nginx
etag: "2790275cb60ff7ac"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/11/Untitled-17.png>; rel="canonical"
content-length: 99334
expires: Fri, 03 Nov 2023 05:24:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 65ms
21ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

b83d88fa2b75020875f387fa0f894d4d37cd995aca9144b6a824ff11e3c8ff31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1032 / 589 of 1000 / last-modified: 1635851101"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27198
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 02 Nov 2021 21:52:19 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
142 KB 9ms
9ms Script
application/javascript 2600:9000:206f:ec00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ec00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 15:15:22 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 628618
etag: W/"6dd0a13bde35d2daa452bba998871016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: VNBqqtN1eKSCaylgI65wYRKEGKkwEVQVNEVhk19mWObTWwOm4YJXQw==

GET
H/1.1 200
OK count.js Show response
thetruedefender-com.disqus.com/ 1 KB
2 KB 58ms
17ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://thetruedefender-com.disqus.com/count.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 252
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 01 Nov 2021 21:23:57 GMT
Server: nginx
ETag: "61805aed-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: ymhepL14CTrb9LcL9_GFCN193h8VVTxBS0KUKRIVBRV8QrvCUEBHSg==

GET
H/1.1 200
OK embed.js Show response
thetruedefender-com.disqus.com/ 74 KB
24 KB 56ms
19ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://thetruedefender-com.disqus.com/embed.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

e79d7844bd5daf0cb750f029d8e088938c60ebd784878c9cc41cbd1481d5563c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:19 GMT
Content-Encoding: gzip
Server: openresty
Age: 73
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24534
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 02 Nov 2021 22:36:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 21ms
21ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=42117010&t=pageview&_s=1&dl=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&ul=en-us&de=UTF-8&dt=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots%20-%20The%20True%20Defender%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=397239257&gjid=1243654846&cid=1031479285.1635889940&tid=UA-186892928-1&_gid=1998227999.1635889940&_r=1&gtm=2ouar0&did=dNDMyYj&z=815277417

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 13997836195017830 Show response
lockerdome.com/lad/ Frame 15F2 1 KB
2 KB 491ms
138ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Tue, 02 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK 14009642120598886 Show response
lockerdome.com/lad/ Frame 8277 1 KB
2 KB 490ms
138ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Tue, 02 Nov 2021 21:52:20 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 14ms
7ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.5.3&blog=189343063&post=34670&tz=0&srv=thetruedefender.com&host=thetruedefender.com&ref=&fcp=1203&rand=0.3023858275352642
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Nov 2021 21:52:19 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 entities Show response
users.api.jeeng.com/ 184 B
659 B 55ms
38ms XHR
application/json 2606:4700:10::6816:38ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/entities?description_md5=&domain_id=0Lvxx4MBY1&image_url_encoded_md5=&image_url_md5=&published_at_md5=&read_only=false&sdk_version=4.8&title_md5=&url=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F
Requested by: Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a1e1bbde95c25364baea8f86c18729bbdcc9ea26cbebef777b7ecea9987e3109

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
age: 2177
x-powered-by: Express
x-cache: Hit from cloudfront
content-encoding: gzip
server: cloudflare
etag: W/"b8-tvV4WtnxRaNhUN9tDMhSAYuzHr4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: bd36456f43c85ddc4ca7fc5b3e8fa9a4
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
cf-ray: 6a8096dcdb564309-FRA
x-amz-cf-id: YgSW_kJRNv0CFknIJRuUayYRvdSvfKYRs2ggyi5ba0pauevqJJqeAA==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 73ms
29ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211102

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

015964ab01e4bd0a7384e8ac665f75be9388c6810a696c443051a6395d7c36fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24680
x-jsd-version: 1.0.1149
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19179-FRA, cache-mxp6983-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6a6-SzBe9d+ve5MAE8Zyq8jWujkfGBY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6a8096dd4fe1e8f7-MXP

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
936 B 86ms
40ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1345794
x-amz-request-id: txa9f7a43a20cf4c4c9390f-00616d2a11
x-amz-id-2: txa9f7a43a20cf4c4c9390f-00616d2a11
last-modified: Mon, 18 Oct 2021 08:01:51 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9CFT9AMSj3rd0q7U7OBDTebJVfOBEQjsB%2FO0m4vvxaU7oyqx0Qx3oX9Ag1ftjxzngqBtFQdeXFmvuzmeOZxvTciXknL8ssAU6doQUWg3Dw0nB487DU4pz71E0bNts8TWAgGfmhcUVTumdAu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1634544111259554
cf-ray: 6a8096dd68930e1e-MXP

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
275 B 136ms
36ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 217ms
74ms XHR
application/json 88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 59ms
15ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=62306640382
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:19 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 55ms
18ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:20 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
368 B 107ms
58ms XHR
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a8096dd8b7a3753-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST prebid-request
onetag-sys.com/ 0
0

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
133 B 230ms
180ms XHR
text/plain 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a8096dd8b4a0e06-MXP

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
379 B 288ms
94ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 2
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
822 B 45ms
14ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

cb61f98d1b5d2dfe91e815a3547dd241effe77301932cf6a5ba9d1542846221b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6856cfc2-8cb8-47c4-9588-97fe5a4e427d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 930 B
2 KB 183ms
71ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 93322181e26ce5f07c801f8bdd8bc3c21dd91f756be0992e50ffe476d415cc95

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b12%3b68
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
821 B 51ms
14ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5d674ccfc99275643e24088b4c1ed8930f67c24ee5481fcab84efde40879ca67

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1f589de2-73cd-486f-b577-1ffd3ddfe871
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 50ms
15ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=38329474410
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:19 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST prebid-request
onetag-sys.com/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
236 B 286ms
98ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
38 B 101ms
62ms XHR
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a8096dd8b7c3753-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 41ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:20 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
18 B 120ms
37ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 746 B
2 KB 199ms
91ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: eb8d75b932aff4e0cbd76c871c9acc03add1319ae596ee3c0f8750d20269e2ec

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b11%3b70
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
822 B 113ms
83ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

211a8253beb9326658353bdc98946d139c1a9f5c50a3da0dca69738c7855182d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d738ea0b-f1b9-4841-8eb9-4065753ceedb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
821 B 50ms
16ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8d00f836b8651b83404dbf59e5a0a8bdfccde3654beb779a8d388495379a3395

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: eddadbd3-0c24-44a9-b80f-e0e946b20888
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 203ms
78ms XHR
application/json 88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
339 B 214ms
176ms XHR
text/plain 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a8096dd8b4e0e06-MXP

GET
H2 200 e72a8036daedc055e34e45e4989680b2
secure.gravatar.com/avatar/ 36 KB
36 KB 185ms
65ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/e72a8036daedc055e34e45e4989680b2?s=140&d=mm&r=g
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f41cc4fab403de9d228f97f48da9d1985a2a00307ec22f09cd7f7b1e98470c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT mxp 4
date: Tue, 02 Nov 2021 21:52:20 GMT
last-modified: Sun, 14 Feb 2021 20:09:30 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="e72a8036daedc055e34e45e4989680b2.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/e72a8036daedc055e34e45e4989680b2?s=140&d=mm&r=g>; rel="canonical"
content-length: 36776
expires: Tue, 02 Nov 2021 21:57:20 GMT

GET
H2 200 Untitled-21.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 37 KB
37 KB 81ms
80ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Untitled-21.png?resize=220%2C150&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

71525986010b69cd30e5a0e238de2e04e942b4c1765725116cd107150fe9bbc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: MISS hhn 3
date: Tue, 02 Nov 2021 21:52:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 21:52:20 GMT
server: nginx
etag: "d4e8b726fa905dd9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/11/Untitled-21.png>; rel="canonical"
content-length: 38062
expires: Fri, 03 Nov 2023 09:52:20 GMT

GET
H2 200 lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 147ms
11ms Other
text/css 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10032
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26057
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-65c9"
content-type: text/css; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:08 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: qNQpMGvQxPm7anFUiJbYRy1QAxDrz1eMJsOlLpEVdUqeVpE5enzbfw==
x-cache-hits: 0

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ 0
93 KB 150ms
16ms Other
application/javascript 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 716810
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: XZ2Nv5OCZlzgSVFD99xEDcgFJK4NC84PnWGwrLV-NXcU2Hmy8ILlHw==
x-cache-hits: 0

GET
H2 200 lounge.bundle.ace98c1ec418cae085455f6914352928.js
c.disquscdn.com/next/embed/ 0
119 KB 162ms
28ms Other
application/javascript 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.ace98c1ec418cae085455f6914352928.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10032
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 120848
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-1d810"
content-type: application/javascript; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:08 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: ddqv5Ztc4nISMsktgiaFqgo2fGrDEesDYw5u5xt0q4DV0hfFE_8mOw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
14 KB 65ms
20ms Other
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 13
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 13582
X-XSS-Protection: 1; mode=block

GET
H2 200 pubads_impl_2021102801.js Show response
securepubads.g.doubleclick.net/gpt/ 350 KB
118 KB 22ms
21ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120786
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 02 Nov 2021 21:52:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 150 B
128 B 32ms
16ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thetruedefender.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

b9b119103a6c75308bbc9ba8dc606a095dd200104de1398912c0ba8ad33ac305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Nov 2021 21:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
expires: Tue, 02 Nov 2021 21:52:20 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 16ms
16ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:20 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
133 B 182ms
182ms XHR
text/plain 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a8096ddaba80e06-MXP

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
232 B 217ms
95ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 2
vary: origin, Accept-Encoding

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
39 B 64ms
64ms XHR
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a8096ddabd43753-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 140ms
78ms XHR
application/json 88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
822 B 38ms
38ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6f9a673b1873e1e9a5a0d36241a93bdcb1ad11375d26c93fa0fcd65ed2ed45e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 92d3a4e5-e636-4da5-9c48-9b47274de6c2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
822 B 14ms
14ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6f7760e57750d49f911bf96dc7bb3e3d09a706b0bbbf1d84828fa9e18de96e06

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b5e2454e-04f7-47a1-8c5f-b4bdd55c1551
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 995 B
2 KB 137ms
96ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 632b66c5318d24aeb3304d1de2b6530ecbaa80d11e6d8654e04ed73dd6283e57

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b4%3b110
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
18 B 57ms
42ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST prebid-request
onetag-sys.com/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 14ms
14ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=9383273736
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:19 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
133 B 310ms
309ms XHR
text/plain 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a8096ddbbd90e06-MXP

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
821 B 19ms
18ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

50c80b7f0573b4a9b5ed8b5444d74e55e8c6aa575f098a911ddf03a6b490154d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 22435228-e4ac-48f6-abf9-ccb346ec52fa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
38 B 60ms
59ms XHR
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a8096ddcc253753-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 15 KB
7 KB 107ms
66ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 831d25b7dd675bc9bd915177eefeb353bac5b1af2240669c603cf7f28967da43

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:19 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b3%3b120
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 18ms
17ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=23818278090
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:19 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 18ms
18ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:20 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
18 B 41ms
37ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 126ms
77ms XHR
application/json 88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
821 B 17ms
15ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3d52d83e861aa3a1407b96ecc89c8175eb866405606c1d4f3372d5f42f585b4b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1acd0d7c-a5e1-4e82-9f19-73c42cf8d05a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST bid-request
rtb.adpone.com/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
255 B 199ms
95ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:20 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 2
vary: origin, Accept-Encoding

POST prebid-request
onetag-sys.com/ 0
0

GET
H2 200 sjs.js Show response
cdn1.lockerdomecdn.com/embeds/ 17 KB
18 KB 8ms
7ms Script
application/javascript 2600:9000:2057:2400:b:6268:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.lockerdomecdn.com/embeds/sjs.js
Requested by: Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: .wYtctBP_XBnIa5iny.dScquLAjeZQyF
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 16:45:53 GMT
server: AmazonS3
age: 72532
etag: "4b1238444af4e820876b6750a0d87dbf"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 02 Nov 2021 02:05:21 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 17533
x-amz-cf-id: 9aOxD-xo_vWfyDjDR523ZM7YQSMWJ2zWLXv8i8MKnUP2kKh_pBClsw==

GET
H2 200 css
fonts.googleapis.com/ Frame 0D6B 4 KB
1 KB 63ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 20:31:42 GMT
server: ESF
date: Tue, 02 Nov 2021 21:52:20 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 02 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK widget-frame.css
tlgr.org/css/ Frame 0D6B 67 KB
15 KB 313ms
194ms Stylesheet
text/css 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/css/widget-frame.css?47

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

23695860a414cbbe4eb223a9ef31f944a10eb43953b59b5eca3e069ebf3db31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: text/css
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 06 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK telegram-web.css
tlgr.org/css/ Frame 0D6B 21 KB
5 KB 266ms
148ms Stylesheet
text/css 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/css/telegram-web.css?19

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

2892a779cee25c3a681f6c8d4c779f0e8632741aec6485a87da48000d84b96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: text/css
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 06 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK k3N5UoakZgg-3AwvyGFEFb5NtFPK0LGF7n8k-0cfFExIAR1lCThoDCKfQlh727VkR-oA_ZpER2AQcUobMwd6rRMyzn1AY2qa-q8L_kxDLgN9vBj7b2iPeNLQjCgA7m53FuHZkR3NqLb7XxJXju6LUzHY5WJ96wNCCDZwx53VHX1g1uFZSt27QN85-7A2vOkNTdo0Q...
cdn4.telesco.pe/file/ Frame 0D6B 14 KB
15 KB 108ms
49ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/k3N5UoakZgg-3AwvyGFEFb5NtFPK0LGF7n8k-0cfFExIAR1lCThoDCKfQlh727VkR-oA_ZpER2AQcUobMwd6rRMyzn1AY2qa-q8L_kxDLgN9vBj7b2iPeNLQjCgA7m53FuHZkR3NqLb7XxJXju6LUzHY5WJ96wNCCDZwx53VHX1g1uFZSt27QN85-7A2vOkNTdo0QIUzoECjtCR7O2gfgKGRsXgI60RPEiS587lSdpwReaCHj1maQYAcW57VFhcOO06P9IBr7fb8D_QEN4mtIEmXObyUD8ptXMogYHokxuPuyq3S45Q_xFyzzQMR8a2YK8CwYO9z3aWo5zn6qXXrVQ.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

d712796d188539ac294a0dd7a2d0b2770cbaca32d836863fd2565e6b39ae5f52

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 14470
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-14470, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK jquery.min.js Show response
tlgr.org/js/ Frame 0D6B 94 KB
34 KB 202ms
202ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/jquery.min.js

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 06 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
tlgr.org/js/ Frame 0D6B 96 KB
28 KB 176ms
175ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/jquery-ui.min.js

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 06 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK tgsticker.js Show response
tlgr.org/js/ Frame 0D6B 14 KB
4 KB 163ms
109ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/tgsticker.js?24

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

7af53d7077c16f6ad9efd63a975749c4835ce6e495c337fa4176f15ed385f80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 06 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK widget-frame.js Show response
tlgr.org/js/ Frame 0D6B 82 KB
20 KB 304ms
249ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/widget-frame.js?51

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

09255fc220032ea7ecb474d0b0b6daffccade6134caae15332892691465788f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 06 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK telegram-web.js Show response
tlgr.org/js/ Frame 0D6B 11 KB
3 KB 164ms
110ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/telegram-web.js?10

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

0f661b180cb5ec06a2458d8be5c013a37abe06a0d446945709010132ca813d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 06 Nov 2021 21:52:20 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 73ms
33ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1345523
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txc3a8552075a2425d94848-00616d2a21
x-amz-id-2: txc3a8552075a2425d94848-00616d2a21
last-modified: Mon, 18 Oct 2021 08:01:50 GMT
server: cloudflare
etag: W/"cae476c264f28e37aca638d685ba55b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbb5UrEtxC7jmawBS2O0j2gXsLr%2B8HedtOW1Rm4L7bR%2Fb9cHjT0jF06Y%2FEk5GW%2FA2N66A2ZngZ50UutY8Spu5ul3PI46%2BSHkiK%2FdLPqN1fUPeuY9iQX8rM5u1T3NXYy%2BzX3gpjeoNE1stucr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1634544110326910
cf-ray: 6a8096de2a183760-MXP
access-control-allow-headers: Authorization

GET
H/1.1 200
OK 14447308783736934 Show response
lockerdome.com/lad/ Frame 0122 1 KB
2 KB 327ms
116ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Tue, 02 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 156F 9 KB
5 KB 112ms
112ms Document
text/html 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ddfd24c995c2e6a2f5820919d0bc7b0b33d221203f10c9bec4d6199a7efdab40

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Connection: keep-alive
Content-Length: 3729
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 02 Nov 2021 19:23:57 GMT
ETag: W/"lounge:view:8858752931.53d6b0cdb7c623a25e856cb4383e8a98.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Tue, 02 Nov 2021 21:52:20 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 lounge.load.b8cc22d9c3be6916b2ef7fe9e57839bc.js Show response
c.disquscdn.com/next/embed/ Frame 156F 958 B
1 KB 25ms
8ms Script
application/javascript 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.b8cc22d9c3be6916b2ef7fe9e57839bc.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f8374fd41dba00c2db7d80888b361ff3cb0291093144ba8387e9ebaf38e7cefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10033
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 496
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-1f0"
content-type: application/javascript; charset=utf-8
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: PbQOAVKw4-GpQFH9ats9ecD0xoWgUxY0WzASTiTrQ1yiqdfcbmHMUQ==
x-cache-hits: 0

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js Show response
c.disquscdn.com/next/embed/ Frame 156F 282 KB
93 KB 10ms
10ms Script
application/javascript 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.b8cc22d9c3be6916b2ef7fe9e57839bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 716810
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 6_EGZ7EB7--n76BhMWXifASeJ-pakspldvQj6ctrjY1cxam3_P1i7Q==
x-cache-hits: 0

GET
H2 200 lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
c.disquscdn.com/next/embed/styles/ Frame 156F 165 KB
26 KB 8ms
8ms Stylesheet
text/css 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

60c6565dc4af986490c60907f5c62642b3435afee9b6ee2af562becfe62f32aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10032
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26057
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-65c9"
content-type: text/css; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:08 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: bCR9ZDXFevClfMMIHDEW2V_OgBSthq44bwrfDJJevg2TerIok4NGFw==
x-cache-hits: 0

GET
H2 200 lounge.bundle.ace98c1ec418cae085455f6914352928.js Show response
c.disquscdn.com/next/embed/ Frame 156F 469 KB
119 KB 8ms
8ms Script
application/javascript 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.ace98c1ec418cae085455f6914352928.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ba3e3f22592ee6f8bb60554a0ab8f93d5295790ed1bdb457ccd280aeea784c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10032
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 120848
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-1d810"
content-type: application/javascript; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:08 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: TVAvRHXpGgnt2rNY7IaUZViysF77zjXdt_URMTXPJANd3mn843vUrw==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 156F 13 KB
14 KB 16ms
16ms Script
application/javascript 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bf7cf40cac4303c84fe1f2023fd8905b9b6e91fc6d37d1b50d12acd3e418ad5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 13
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 13582
X-XSS-Protection: 1; mode=block

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 15F2 45 KB
17 KB 67ms
21ms Script
text/javascript 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 459
date: Tue, 02 Nov 2021 21:44:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 02 Nov 2021 23:44:41 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 8277 45 KB
17 KB 81ms
36ms Script
text/javascript 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 459
date: Tue, 02 Nov 2021 21:44:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 02 Nov 2021 23:44:41 GMT

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 156F 3 KB
4 KB 17ms
16ms XHR
application/json 151.101.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=thetruedefender-com&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

94b0dd7a061f80bc838b0095bff0280e06b1eef839dc2d5fcd1b0b91c20d5386

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 73
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3392
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.js Show response
referrer.disqus.com/juggler/ Frame 156F 40 B
278 B 121ms
101ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://referrer.disqus.com/juggler/event.js?experiment=default&variant=control&page_referrer=https%3A%2F%2Fthetruedefender.com%2F&product=embed&thread=8858752931&thread_id=8858752931&forum=thetruedefender-com&forum_id=7253923&zone=thread&verb=load&object_type=section&object_id=email_subscriptions&section=email_subscriptions&extra_data=%7B%22user_verified%22%3Afalse%2C%22email_subscription_prompt%22%3A%7B%22title%22%3A%22Like+this+article%3F%22%2C%22description_copy%22%3A%22Subscribe+to+thetruedefender.com+to+receive+daily+updates+of+the+latest+articles+delivered+straight+to+your+inbox.%22%2C%22confirmation_copy%22%3A%22Thanks+for+subscribing+to+email+updates+from+thetruedefender.com!+If+you%27d+like+to+unsubscribe%2C+there+will+be+a+link+in+emails+you+receive+from+thetruedefender.com.%22%7D%7D&event=activity&imp=5e39t7esa5rng&area=n%2Fa

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Content-Type: application/javascript

GET
H2 200 noavatar92.png
a.disquscdn.com/1635434082/images/ Frame 156F 2 KB
2 KB 42ms
9ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1635434082/images/noavatar92.png

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 439331
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P4
content-length: 1644
x-amz-cf-id: JAimdhUnYjnVVcT6V9h727eM_4Yy66fsDFaFXAg7oGjBck5C68qElg==
expires: Sat, 27 Nov 2021 19:50:10 GMT

GET
DATA 200
OK truncated
/ Frame 156F 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 156F 13 KB
13 KB 8ms
8ms Image
image/svg+xml 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 16269279
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: l7cu6x2B5gcgMAbVhc94myjHVMBpqGD1E7lH5QwQLLAemUwIoYJnSQ==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 156F 3 KB
3 KB 7ms
7ms Image
image/gif 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 23561653
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 41dOQSOW07aLo649MDdTRrkR5NBDrInrpPgoQhz3LD9_VwulC4h4Ag==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 156F 2 KB
2 KB 7ms
7ms Image
image/png 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3549872
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: JbUMr0Nfj25Z3DXuJxp-cWSpdHKiVfeUKZNXCkCe9c0RWsCwBTiVzw==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 156F 8 KB
8 KB 8ms
8ms Font
application/octet-stream 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5399642
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9O0gwjF9YHBO2hgOup472eIdxVSqubRLFZAVKHstV39Qq5mVJWNGow==
x-cache-hits: 0

GET
DATA 200
OK truncated
/ Frame 0D6B 683 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK gRYBcBy-iX11EftaM7Dj_cm9GkbH2np2gbebt_oqtYrgYMx5I9JiMPvgzaL4cSX2t6aud9woypcluuLk83odXUN9xFtA7uqlDESTiBmjRqT0JsKNOhWXEP1Xsi3BUS35HNlCvx9YnqGK4hE-1xX1Yllm82-ZId1aE9Jenhl8jb_9gbgkgt7WPSSYtn6AjCfs6fT7r...
cdn4.telesco.pe/file/ Frame 0D6B 20 KB
20 KB 59ms
30ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/gRYBcBy-iX11EftaM7Dj_cm9GkbH2np2gbebt_oqtYrgYMx5I9JiMPvgzaL4cSX2t6aud9woypcluuLk83odXUN9xFtA7uqlDESTiBmjRqT0JsKNOhWXEP1Xsi3BUS35HNlCvx9YnqGK4hE-1xX1Yllm82-ZId1aE9Jenhl8jb_9gbgkgt7WPSSYtn6AjCfs6fT7r1T0_r-YLFoXesjh2bvo-YEfFW1JWe9FxTVQXaXs8eT5OY6GgJQM036lvPPZB7ygk_NRJeEcECXX7HsPcVgXyMXy8Dosv2RbKyHM2Z_fXKZzzXpm9RcQ-7fAVu9ZCFJTk4VsHZCGnD4Yy5BzIA

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

ba6b37372f51bb80758ae18bb5477d2971f6acbd6c58ae91b1ce958a2efb49d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 20202
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-20202, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
DATA 200
OK truncated
/ Frame 0D6B 496 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f48401d810df54d8c06bd7a85a69b65e5403bab8dcb8d7e919f3d31247e5460

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK K4KkkH_j6z6ItS7nuhVZkL-IKU-HQ5uWMmYa8_e-BDKQc2IGATIKNYgZ_VuSOZaG01kaEGEmUy56iowT0sZ8LtYZa9K6-xgM_-SNAP1hIxDcjkygmlDc0xkJ-0Yys3SqkSucPhnWzOZ02DkBG9SysgjvubGcExeZcI7cSjUq0-soq5x9cKa1WsB6ZmURti57r_40-...
cdn4.telesco.pe/file/ Frame 0D6B 9 KB
10 KB 82ms
30ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/K4KkkH_j6z6ItS7nuhVZkL-IKU-HQ5uWMmYa8_e-BDKQc2IGATIKNYgZ_VuSOZaG01kaEGEmUy56iowT0sZ8LtYZa9K6-xgM_-SNAP1hIxDcjkygmlDc0xkJ-0Yys3SqkSucPhnWzOZ02DkBG9SysgjvubGcExeZcI7cSjUq0-soq5x9cKa1WsB6ZmURti57r_40-A3Vsg10nKacfX3BfGN7GcqatlnaTOFy7yXy_ICOaAquYoQqmBYPKV8IPQTzWMEDPrRyNz7Ch6WFXu0vDoLvmtGfC3UJg6vG5_-Ec8hKyZ03htDUiRvH6DFyuwi6Ow63j_T2vEvkQWTiJCNmCA

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

5332ecf2132e7019c78a8149053b05458f0869c73ae8a3e2f18dd1121d0b386a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 9374
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.20.1
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK E5I6jneWk1qL1NITzMefjZkjIJD6R9Fs0ax6IXWyw_8yKLWFMfQO4tasEHtqj59WEeCLCmRFskaiS8A1m6oOQ5wEIOKf4Wm0A6Oe7RWT6kk5ZSY4ha67A7S292vb0zebYShZkkts_LOJJhAwHvX63isPnWx6FW2Oc6y4SiC2_JU2d93-ptJyoJYt5rtTkv8xE_HJm...
cdn4.telesco.pe/file/ Frame 0D6B 13 KB
14 KB 90ms
30ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/E5I6jneWk1qL1NITzMefjZkjIJD6R9Fs0ax6IXWyw_8yKLWFMfQO4tasEHtqj59WEeCLCmRFskaiS8A1m6oOQ5wEIOKf4Wm0A6Oe7RWT6kk5ZSY4ha67A7S292vb0zebYShZkkts_LOJJhAwHvX63isPnWx6FW2Oc6y4SiC2_JU2d93-ptJyoJYt5rtTkv8xE_HJmzYKni4HKu67sNJk30FW_gpx_eaCnw0yOKT-05Rzd1VP2zRI3lGu-NMQL_80i6WvWD8aK2zG2DLB2sTz-gjSnMZL5OxAUWdXnjUra5WIXR01R9miC49LPywsKG8PNOp2bpfSm3TY5rOgbY68pg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

668dee0c0f533e0709f09953340469952e5368b86628622f6b19f7f6bf03bda3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 13416
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-13416, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK Wr8dn4w4Qi56lYaSXHSPjE50pjnWNYa4U_7kg13uvpI8dxeTNxQzPwPS7xJlU4-VOPS87To_bnsEHkMJ2HyXpzziKZLz_OhuFs71g4Y2za3PqbB_KOrpGPvyLZl8ApvGpZPk2qq3KagGA3CmyXPpV7zrXfWa5mViGPIkqoOlBYreDjNrJJB-i_FHHvCz5xStge1aq...
cdn4.telesco.pe/file/ Frame 0D6B 56 KB
57 KB 105ms
46ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/Wr8dn4w4Qi56lYaSXHSPjE50pjnWNYa4U_7kg13uvpI8dxeTNxQzPwPS7xJlU4-VOPS87To_bnsEHkMJ2HyXpzziKZLz_OhuFs71g4Y2za3PqbB_KOrpGPvyLZl8ApvGpZPk2qq3KagGA3CmyXPpV7zrXfWa5mViGPIkqoOlBYreDjNrJJB-i_FHHvCz5xStge1aqPPZ9kokTSA3b_LHpVPGMdj6GJZ7jm9XhUxAe0ID4lTBg7URO_tt9DgjJpFJ0pnQ2KIlMzAmgqZUiq1dDSxQM780vpuXuYZFYOA_H6Vk0p1HI5U1vmfwO42_hQHFcUYIwrJ1-VhlFn4B6_0aXw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

93d20b25f386b7f7bc5fd17cb10ee67dcc084284d4a845ee3131356503490388

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 57588
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-57588, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK hP_CE9sTSm8C3qn38dQaJ_l8YdpNCCYdnlG7GTBWLo2dDXEYsXGzkaRnh9JyFGn4G6g53uOIfTcMZ8nlZApDT3ZUfoLV9J2K8ZSf_q-1Ro4aAGo5M_timEjDVl6QHE7t6FXMaW6awyx4uNc4ik0kqyKl5HWWt_ElCJsZfZc-bg96QlOgqbjYmZfG3pHdvfpryZvtO...
cdn4.telesco.pe/file/ Frame 0D6B 56 KB
56 KB 84ms
46ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/hP_CE9sTSm8C3qn38dQaJ_l8YdpNCCYdnlG7GTBWLo2dDXEYsXGzkaRnh9JyFGn4G6g53uOIfTcMZ8nlZApDT3ZUfoLV9J2K8ZSf_q-1Ro4aAGo5M_timEjDVl6QHE7t6FXMaW6awyx4uNc4ik0kqyKl5HWWt_ElCJsZfZc-bg96QlOgqbjYmZfG3pHdvfpryZvtOoVMxUAqJHuWP2VjOmfOpc9v1D1rgR8cTgiMf4X72wCY39St_0pom3JVB7q4-XQjlm1wxNNP63t7koGb5gifJwYTNjkYucD7XpzEPlYLgSKdmTKo9Jg6On7RPfsiGWwnKT6ehbgf24-LAufBxA.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3024802e662d69d407cfe352d09bc3ca34925d63f7b8eec4058cbcc392253328

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 56886
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-56886, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK XBHkYXiY4z6iHb5A1j9X1vlCLStvUj83XGp5J3dvYVr_04CHv2nfbtQFC-U72PkbC85uMEtcKYC9IM6dqpcOfUPlnUQcu2AzT0vWfRRBt_QPvWNilt8pd_pKcmPdwbA8bv80lFJyJvH0-X9sywJfQimjuz7vAMA_L6ddRXeNN8fKojfWaMZqmYkgLy2-vk07FqsKJ...
cdn4.telesco.pe/file/ Frame 0D6B 47 KB
48 KB 84ms
46ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/XBHkYXiY4z6iHb5A1j9X1vlCLStvUj83XGp5J3dvYVr_04CHv2nfbtQFC-U72PkbC85uMEtcKYC9IM6dqpcOfUPlnUQcu2AzT0vWfRRBt_QPvWNilt8pd_pKcmPdwbA8bv80lFJyJvH0-X9sywJfQimjuz7vAMA_L6ddRXeNN8fKojfWaMZqmYkgLy2-vk07FqsKJtZNko_4KR3tSSf_T2PlKnCTQdWo3fxBH795fApF2RDUBe0JOXv5XflfaTHVhDfKBmapEzDPQoj8buvC6x0qptrTi7wApTBaUdg7RjynYlfpvt7dotNDbNjqafPp3s8kR0w1J5qB48CiXsoTuw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

b95a8992de21a2bcde6b7312e53c3c67774fa7bd087f22df319e7232a4c4dd97

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 48510
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-48510, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK RVzPcEWjOO8XQYsrNB-oOWE25mLH_YVtogilw2TAEPZVkl7Wjf6-yIIOADjlGB_PfQ1zap5NykLYiCk8-iNAeiFBQ9WKLSjU1D0cdwkDa0mG52RVsPzhJzieGK3iq48dYry2YyldfUxx5GY1QcEKMGhDGQ-tXKuo3Em29tYjEKYEuJyW7UqxJAgg6lgk2_ZFMAnYe...
cdn4.telesco.pe/file/ Frame 0D6B 54 KB
54 KB 65ms
49ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/RVzPcEWjOO8XQYsrNB-oOWE25mLH_YVtogilw2TAEPZVkl7Wjf6-yIIOADjlGB_PfQ1zap5NykLYiCk8-iNAeiFBQ9WKLSjU1D0cdwkDa0mG52RVsPzhJzieGK3iq48dYry2YyldfUxx5GY1QcEKMGhDGQ-tXKuo3Em29tYjEKYEuJyW7UqxJAgg6lgk2_ZFMAnYeEN03FcQvwfDXih3F_BUv2LqG-Qe61QOrFT-289n4Mau_jzJY-4G2TQk1uczm1ub-8j4UfSpfR7TIJ4mDHKD_P9jx3lEIgyteZvcdKXh0_OiqRgx54IxcqgqQRmh81zG9lUjc6nqDtB55RiUBg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

bc799480da1c273f1b5aa31734cf43da465e5276d572fab15b653acc9d310f32

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 54839
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-54839, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK Q7QpJB36Pi4vRX8GJY9eTzB7tcOcnO_FzgJkG9GbR5OBQUjCYgzm-y_MkWXNeT3Ssd3Br78Il51E3cDhpjw9Vb5fTB-joD5e1rLt-CA90ZtAZxTmsObd1JIolhbzFeYOa0zikvOH0-C0-PQmwPeUGTxrMUWC8zyLXBlwmg-uoydIaP0i4c4uSHsdqgcQodAA5_ohn...
cdn4.telesco.pe/file/ Frame 0D6B 63 KB
64 KB 35ms
34ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/Q7QpJB36Pi4vRX8GJY9eTzB7tcOcnO_FzgJkG9GbR5OBQUjCYgzm-y_MkWXNeT3Ssd3Br78Il51E3cDhpjw9Vb5fTB-joD5e1rLt-CA90ZtAZxTmsObd1JIolhbzFeYOa0zikvOH0-C0-PQmwPeUGTxrMUWC8zyLXBlwmg-uoydIaP0i4c4uSHsdqgcQodAA5_ohn-_0vjtsQwWP9vs7qaW7Cq0KH2ZHbSCV1Lhzs7ilDo_YbeOJ0SKtbUVOqRN8reFX0lFLX4AXFuq0qoVxZyilalas7bziijrqO5GFY6nh6244v-y6BhMXS8ot9st3VAl7_ILGHWgMabJZtNlgZw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

d0ec5d16c94170a36390acc16f5d01af93b195dcf7adea68d6456002d6618168

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 64944
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.20.1
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK BpXcwKsO39xZ2p_BJ60_5SHfuvdR5u-nD6B5qijuW9lpbgcg4odmic9BcseC05s2yPNl5zCn7hC3Cso1sIiH4IEn9QaY46GgDX2L4iP45zl1Qr3du5o3rm8fazyQ-eLinzAvZaUkwx7evT2E10hthyscrZ619b8RPnDPYmblUiaxNIjq4sF1j01H19YK10IpoU0sJ...
cdn4.telesco.pe/file/ Frame 0D6B 41 KB
41 KB 37ms
36ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/BpXcwKsO39xZ2p_BJ60_5SHfuvdR5u-nD6B5qijuW9lpbgcg4odmic9BcseC05s2yPNl5zCn7hC3Cso1sIiH4IEn9QaY46GgDX2L4iP45zl1Qr3du5o3rm8fazyQ-eLinzAvZaUkwx7evT2E10hthyscrZ619b8RPnDPYmblUiaxNIjq4sF1j01H19YK10IpoU0sJS9PRdd0F3ZaYytvuKFKOWo5m3cE90WRq-RjY-8Q2iW6hKjD18C2iCLG021pD-vNt4_rIsCLBinyRq7DVvMlNgHcj3cAPGOjVPyOWl4H5zF4ciG3EzH_Pc2p7EwKpNWgEiOu0LPs0rCfERQyJg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

7465754e4a333d4ee5b0bd64ee1214d9629ea0fe3622c96b597ae017c9da2293

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 41610
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-41610, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK fka-Ixp6eNzfHzuxKifubcr0FNwUbEV7MLBaLLXsN8rkGQdAbWcQkoy0KENStauK-g8wJb9O1AO2Naw4RGQ6KVXCQ0QfPVH3SHyAzGLHxiijnFeOHujcu1Pd4WJi7XI8S0k-LkkRVicyRKLmGo6GexOiqVYZmkNnMAyU2zGLdOY2KJ_ysOybjaTFNoYtpBDU7Q_am...
cdn4.telesco.pe/file/ Frame 0D6B 70 KB
71 KB 30ms
30ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/fka-Ixp6eNzfHzuxKifubcr0FNwUbEV7MLBaLLXsN8rkGQdAbWcQkoy0KENStauK-g8wJb9O1AO2Naw4RGQ6KVXCQ0QfPVH3SHyAzGLHxiijnFeOHujcu1Pd4WJi7XI8S0k-LkkRVicyRKLmGo6GexOiqVYZmkNnMAyU2zGLdOY2KJ_ysOybjaTFNoYtpBDU7Q_amYZ28jRq-rckWicfHbZyVGws8l4WFRA68v4d3e4bHYLVJf_AWn6pqbEk9fFstqxjeRysnt0xoTSlC0g4dJiiCb5VSf7fBjepfcyDb068Iumcsw14W125Ud0F3sBigMI877myoY5RP_eNvnGi0g.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3149deb1b9b8bae2a4c322f8342d3fcbfae583459d5554eec43ed1c06e010d11

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 71976
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-71976, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK Q98T2YBX2H988ykhTAD0TLzioKuAjkrj_PGLTDJ54hiIIofL662NYeMc0ASQ-ozkwRt2km-kZJSuoJdRyRaQbG_pIK4_c-d1rIPBcbLIgRL060Z9ZUfzNzBda1aTLq39YCnWBwjAY_YjTur9lhpGsiCsh5Vmam-l9dXvzU5MXt2Onu2t7snt75oSR6L7isX8KMQxE...
cdn4.telesco.pe/file/ Frame 0D6B 69 KB
70 KB 32ms
31ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/Q98T2YBX2H988ykhTAD0TLzioKuAjkrj_PGLTDJ54hiIIofL662NYeMc0ASQ-ozkwRt2km-kZJSuoJdRyRaQbG_pIK4_c-d1rIPBcbLIgRL060Z9ZUfzNzBda1aTLq39YCnWBwjAY_YjTur9lhpGsiCsh5Vmam-l9dXvzU5MXt2Onu2t7snt75oSR6L7isX8KMQxE5rK3ix0UAeG7GQdt1Qj6DWyzBBdAiJo7qaNCK6UWPvRcq2kLel0kyWNm9Lhp3LJ2wGp6MiPrUhI5mkSDJ2ShSLUH22zSCimzIFcqAcXwddU7i8Liudaa2dnDgyxRV94tVoibtx-fOHStI-V_Q.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

bfc0c68a68647a1fca6bca193f1ae4287ceb3839bd16538e6fde83bf50aff37d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 71023
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-71023, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK NqY7JGVKDbzMfaGSKAF9PP1GWmQ3KZDxifw3n1JfIeW6L91qfdiRiYsbAYec2ca9UIVNW_iWSU3JrRZORVb4f2fudE-CUvt44g4yMzovzgMydCLYiq0uXM89vub_IErE1zMjB68Q0GKvntB7c_sgU4DFuY1wSYUqsl3Lro8somI37bozerPEFvwMoBB_LLiEtdrCG...
cdn4.telesco.pe/file/ Frame 0D6B 98 KB
99 KB 33ms
33ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/NqY7JGVKDbzMfaGSKAF9PP1GWmQ3KZDxifw3n1JfIeW6L91qfdiRiYsbAYec2ca9UIVNW_iWSU3JrRZORVb4f2fudE-CUvt44g4yMzovzgMydCLYiq0uXM89vub_IErE1zMjB68Q0GKvntB7c_sgU4DFuY1wSYUqsl3Lro8somI37bozerPEFvwMoBB_LLiEtdrCGBq8pBimnC_ZrotY_3oCp0JHqtYchPJ1qbCxTWk72om_d3Sm9v62EXKQYJ4uo62DM0rJuE5TB9yJzkXojRZYwsFkH--SaQbLQe2zHY-o4AzaZT3pRyCIkDJgs8AcYRRM9WjSp6arRn5_-PdU2w.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3e32dd5f51c877408019caff9857888020ce7779f99bda59d10d113f7604c0b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 100841
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-100841, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK VUT23VqSmEUeEFc-4kW7LlIxo1gamX9HqaVpBwfiMpQVxq4FtjF1Me0fqu_sfMKj-zuMz0lYY3UUyPoyCsYFbzj2F_iCpEoObEkT_LH5hXv5bvHMKrnibAeXhKsGdhfASNpma-FKNH-xoK66MG-hNofrIaLNnfiy-nLaQL0OkA0fne8tpls1PxD1Ek9kBhZFuvU6K...
cdn4.telesco.pe/file/ Frame 0D6B 56 KB
57 KB 36ms
36ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/VUT23VqSmEUeEFc-4kW7LlIxo1gamX9HqaVpBwfiMpQVxq4FtjF1Me0fqu_sfMKj-zuMz0lYY3UUyPoyCsYFbzj2F_iCpEoObEkT_LH5hXv5bvHMKrnibAeXhKsGdhfASNpma-FKNH-xoK66MG-hNofrIaLNnfiy-nLaQL0OkA0fne8tpls1PxD1Ek9kBhZFuvU6KAvMrLvnjRMAaPStrbx9JejUyF_aPhKNUbeRHVlf6RR6A88AZHUK7RpY5fpOA7OggP14JEXhKhuCdExFVFLlDxHVTKredNyZMnrzNbTLddKCkfeCL-dtBiJFgV3Iw4Q3hetVfVIpZs_knzF_Lg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3ba2c590c10398cdd1488c24d30220c44e4faa04eeaa2d874a14da5d550b7b18

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 57801
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-57801, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK Z6mj_aHC1Gj0ezuSnOJPcp6Wn3kx__ZUFH8u760lM4Y0nBuKfiTa_JwHNM90nXcXTzxhjzAK-U1SSCtNHdr0RCINjT4STuDYgS5F72Y2cI4AoUcH6Ktwv-VP_nyZG_0PuO9u0uC1yu2nF7kz4Y5UC9-634B1zJ8EgrVFBgzqFVEKSgQtSdzj_UuIvDT-AZ_zfbxaO...
cdn4.telesco.pe/file/ Frame 0D6B 73 KB
74 KB 40ms
39ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/Z6mj_aHC1Gj0ezuSnOJPcp6Wn3kx__ZUFH8u760lM4Y0nBuKfiTa_JwHNM90nXcXTzxhjzAK-U1SSCtNHdr0RCINjT4STuDYgS5F72Y2cI4AoUcH6Ktwv-VP_nyZG_0PuO9u0uC1yu2nF7kz4Y5UC9-634B1zJ8EgrVFBgzqFVEKSgQtSdzj_UuIvDT-AZ_zfbxaOK_GQKbcUkD_P0mLoVBV14K7--SkxFwuNUDaqnQuCHbj9_-8ZfG0kUEcPd4mCLvsZX66eKTBC0x5zTMPJNx8i0umrHeyGwJjdlJwSNqYPMdda8lUuJkx4TFd3y3KZ86e5DpaC2xv004kY4opTg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

5ba4f5a677d6ea902838fd0129ecf4bf43b6b9f81b266b250e932ae49f1d9564

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 74825
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.20.1
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK htjE0Gj3p2um8FdjZCh7OwQae3wf2IL0_X-qE2pP395QreozDqrZWsRj4GPVOjDD-5Dp1_9X0V4wjP8zvzjhvzFiFtwr_j1UtoeTeFMTQp6rh_3qvEPL9kOVGTysJQqp4gDSW-skV9I0TbBK8KHUuRI2Y7oW6uHb8dYSX24j1SCUh6J_TArPdj4c8X6nqu4df5jzq...
cdn4.telesco.pe/file/ Frame 0D6B 47 KB
48 KB 48ms
48ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/htjE0Gj3p2um8FdjZCh7OwQae3wf2IL0_X-qE2pP395QreozDqrZWsRj4GPVOjDD-5Dp1_9X0V4wjP8zvzjhvzFiFtwr_j1UtoeTeFMTQp6rh_3qvEPL9kOVGTysJQqp4gDSW-skV9I0TbBK8KHUuRI2Y7oW6uHb8dYSX24j1SCUh6J_TArPdj4c8X6nqu4df5jzqI_YrDZBs8O30AYc0xqled5yBjq3MaSsveIUW935rARFKGoFtuTijgph66Vt6Dv7mtDAnbrC4bku-wmHS-x2f-IzfzpmnuOS3V0GkhPlwYhcNUNMFrkju_bkYFCbvNinA3RdY6fw5Dywb0ABow.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

5269b569fa0528a8a3b2ab46ab09447408391e7287f03c6a8523fcbf7239f3b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 48634
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-48634, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK qSrQVDBBm0A9CL_9FLCXmO7X90VV7QW9xEAdIx25nUzDLWLxAweLZuXX-PzVwwob_lbshWzBl-elxQcl68P8C1fRdypMpn3vthx6GZMfx_5RvpyWMSCkNCXels4ZZBbHHt-bzuD0r0T7JK77yU4T51kWrgI8gigodyBykJQZ6FJo3kiMMQztmKVDOidIq1QK2sIJw...
cdn4.telesco.pe/file/ Frame 0D6B 81 KB
82 KB 32ms
31ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/qSrQVDBBm0A9CL_9FLCXmO7X90VV7QW9xEAdIx25nUzDLWLxAweLZuXX-PzVwwob_lbshWzBl-elxQcl68P8C1fRdypMpn3vthx6GZMfx_5RvpyWMSCkNCXels4ZZBbHHt-bzuD0r0T7JK77yU4T51kWrgI8gigodyBykJQZ6FJo3kiMMQztmKVDOidIq1QK2sIJwQZrrzmoEu8k7wYYlPwtrrT31OiM7A2HChmo9bUqGGeqDFdxtDG7TdhTf_XXI52n0WFV7SmfH4F1WF_ezWd3e-ZrKvxgyV3yj3J2iM3X_Lg1OTYYU0EheTsa9tRwDQUkZW76HO_AG7we-D9mnA.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

d859402073416136cd706c883ae28bb041a61c6f6ff181e0ae9c06ed9631d82e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 83343
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-83343, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK ZBLloER_lXiJ0GA-KxGg6CD8YTByb2L_4i7N7rQvRtK9B6OwzoFtdU373eY4kSpIIFwYZHuZKHHJY4w10Q3axvZX3btzVMIZcXPUjOQFBHxxmFQ-3TfeBoCj-Fd2bIz425rjDnJvNMt_8l_EFw3Abo3j_ULaPbapuD2veQjkLkpTtGbj_8GLjsLNtdCgv1byQVxW2...
cdn4.telesco.pe/file/ Frame 0D6B 26 KB
26 KB 49ms
48ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/ZBLloER_lXiJ0GA-KxGg6CD8YTByb2L_4i7N7rQvRtK9B6OwzoFtdU373eY4kSpIIFwYZHuZKHHJY4w10Q3axvZX3btzVMIZcXPUjOQFBHxxmFQ-3TfeBoCj-Fd2bIz425rjDnJvNMt_8l_EFw3Abo3j_ULaPbapuD2veQjkLkpTtGbj_8GLjsLNtdCgv1byQVxW25TSXS3xMV_sm1ffQOgmoKXym3XhRdC0idGzHbuFWoKKrcNO8DkkvzqoKPHlOj8rjlRZYYawoFmWjKcpX3xtCV8kdU1JvYjL-Cu7hiWlkkVNKRErCC3d3DjCZ-KnKD7ykJz4Q6mCd1E2Cuu9Xg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

c74e03c5f06c7a777111870687ac13741bbe623067bec980374ba3d668904311

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 26255
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-26255, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK jf0jOlTlBbJyDu61OrEpWEm8bF3aYFFUPytChfJsiJxCpa9N0dkeSAQimu-9yr5Wj0usFik8mcESNnt51lBv5mYc9axrhzKbD28mk9eabCSIWu7-INDsogH86zCf--NrW_-JbzGoqupCx905wsqUROs4TaUOxYlkp7n9VkMV1A4PRd9CFEqcm3Z_HPt72_NasEnYa...
cdn4.telesco.pe/file/ Frame 0D6B 36 KB
36 KB 48ms
47ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/jf0jOlTlBbJyDu61OrEpWEm8bF3aYFFUPytChfJsiJxCpa9N0dkeSAQimu-9yr5Wj0usFik8mcESNnt51lBv5mYc9axrhzKbD28mk9eabCSIWu7-INDsogH86zCf--NrW_-JbzGoqupCx905wsqUROs4TaUOxYlkp7n9VkMV1A4PRd9CFEqcm3Z_HPt72_NasEnYaD-E8M74J3lRNeKEMertdinamm5XhuEJ16W6VLuiqx8qLgWJWkPGtZlKJBruHFT-ou_JB1mcGG1CHPbrzzgeheafDtUYeTJDik-PjjX-0q7DnQ2GTdWGYnQgFsZE_v120GJJYLs5EQSfVl_ftA.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

7ed7991567af566628cbb8a721f6a4eac1d43220eba83867a6b4360b0cb490f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 36598
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-36598, bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 200
OK s0NjyLBQjUC3CzLxVFkVeA0ocvWMxCnBclyWrHr4q1p2b3xj3glfaxVi0NpsrKy_0arC2Sm2NQ5bOI6cDOa8orIFhk9AKMXmdgscLwNdmws772p4sdfaezBQsBKanp_URgFZonCt7iVJFNo-aPtrIcqZ80PBl_VP1weoLrAW-oLEOeBfVCOkETYKXFmNieABoCmG4...
cdn4.telesco.pe/file/ Frame 0D6B 48 KB
49 KB 44ms
43ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/s0NjyLBQjUC3CzLxVFkVeA0ocvWMxCnBclyWrHr4q1p2b3xj3glfaxVi0NpsrKy_0arC2Sm2NQ5bOI6cDOa8orIFhk9AKMXmdgscLwNdmws772p4sdfaezBQsBKanp_URgFZonCt7iVJFNo-aPtrIcqZ80PBl_VP1weoLrAW-oLEOeBfVCOkETYKXFmNieABoCmG4gYF-c3JEQWRfin54M-TV6IUzVqGsQ26gRnJRaPI7sv741ILkqoC9_uW-wwWHIM57Ltr9VAGxmM6cTcvcvYy0P_Pzgb4s2DgoNeD8xA3B1WPEQQrPjgArMEJBv67mNmMEjfNFpeiAlx9eIaUTg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

50b8c8186c42f2c359478833bd354794e1025cfe16665c6348d7a9256b5280c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 49582
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.20.1
Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0D6B 15 KB
16 KB 61ms
18ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--r1a.website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:56 GMT
x-content-type-options: nosniff
age: 88824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 21:11:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0D6B 16 KB
16 KB 67ms
24ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--r1a.website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 02:46:35 GMT
x-content-type-options: nosniff
age: 414345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 02:46:35 GMT

GET
H/1.1 206
Partial Content 7dd0175d4a.mp4
cdn4.telesco.pe/file/ Frame 0D6B 47 KB
0 57ms
57ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn4.telesco.pe/file/7dd0175d4a.mp4?token=p07cHwDqwH0upUqpfzfEeSMtnu0LqwxWFIdaH_vULZ9mds42bpSdiR3cdX7Q1ZqpOGacmWJK032b2A03Vg5noBrGPY4K329A_M6JyY4L65nbv8wmxl137p8Hh5n6pWC0nfklPuO6lEoyTsLuhQwaDT-yQjGerGnWwmkfrmDEAy4BCX2WdXbPOoW76_3G-6Ee3lLHjYqnX3MUNZordqHK0Wsj_6h2BMsf4Ph5TUf9GviBGRmZozqxFJmbIXlL-R8SeOef7CHT_k8PfENk6RP3s1Ubez8eCIYwWWkWKW0RxaR39LLWXOTjakmZP8rIq94-bCFm7gwqw_JL1JFhufGEBw

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 0-9675013/9675014
Connection: keep-alive
Content-Length: 9675014
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Accept-Ranges: 0-9675014
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 206
Partial Content e147b27a2d.mp4
cdn4.telesco.pe/file/ Frame 0D6B 47 KB
0 43ms
43ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn4.telesco.pe/file/e147b27a2d.mp4?token=J5djHX0VAxEZcL8wjTBkkF7c3z2G0fl19C5-ueo4j5LoQJK2ml4cFnoGud5gKSbtnMcJhD2kzHHdff9GUpHYxNEgLbyJaFa9pLAxuQlmNtE88tQaSzFsOauNoiacG5UIkUwCzcO4ftn7xmG1Yu164fvVfSuS0gTEC1W5Gg56cEKKrb-KHK1Y-SQFtmw40VuZsq-YRS71ohnbweVe2y_6r_YYxocSya3hO5KNsA0qcTZVb3_JOS3_QnAkG-RkYybN6sYMyoq8xzumLLvA8zNSbJ7pWhMHLDaQTmRiyBgZDZNLH-F7xcASuUq7ZhH3q3eeMtksBm-K_OWFSKnh9lYRPQ

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 0-1934703/1934704
Connection: keep-alive
Content-Length: 1934704
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Accept-Ranges: 0-1934704
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 206
Partial Content cb97b02095.mp4
cdn4.telesco.pe/file/ Frame 0D6B 47 KB
0 52ms
52ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn4.telesco.pe/file/cb97b02095.mp4?token=VEq0LGCEG8LIrl8-e_7YwHHhORvRp8gR1vqf3qHYmof7p4beVdOi4TpixPkcfBanRq8kiki9JuDhQ4oXucMfonYGuaninRkC-rSOfkw2ACTGqpyZ3KHEZDd59iujRfHyA3r5PR-XOu_1NcIDiUS3WDmzRb4LilSBlYH764iMvFyxUn1R_jNxUX2wpMKuv9LllMt2-LMxSDZoJXvrjS5essO6W3UB8hgAQlb8GxDapwrMAAjeOWxg0VamBJN_x3EusrsLMwm7IDSh15zi1PgFTnoj-iJunrfDYAaA4I_GTZzQqYOeQ99QjVDDhywtaSk7tppqjNc5U6GjtdYx39135A

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 0-1524796/1524797
Connection: keep-alive
Content-Length: 1524797
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Accept-Ranges: 0-1524797
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 9ms
9ms Script
application/javascript 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15661610
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: Glb0aGxsf78h0qtY_j_8fpbqT7Z799gXKAf7fasW0TQn815Gn8VhDw==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 156F 43 B
295 B 120ms
120ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=159&event=init_embed&thread=8858752931&forum=thetruedefender-com&forum_id=7253923&imp=5e39t7esa5rng&thread_slug=thousand_reports_confirmed_the_abnormal_tumor_development_after_taking_the_covid_shots&user_type=anon&referrer=https%3A%2F%2Fthetruedefender.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34670%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34670&t_u=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&t_e=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_d=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&t_t=Thousand%20Reports%20Confirmed%20The%20Abnormal%20Tumor%20Development%20After%20Taking%20The%20COVID%20Shots&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame CB7D 337 B
835 B 7ms
7ms Stylesheet
text/css 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10031
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 0NpEZdcWcO1tm_amDnAy7w6lwalVKFKkOptmcOsbhpIIjEyARi1yLA==
x-cache-hits: 0

GET
H2 200 realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 01EF 337 B
835 B 7ms
6ms Stylesheet
text/css 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 19:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10031
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 02 Nov 2021 18:16:01 GMT
server: nginx
etag: "61818061-f4"
content-type: text/css; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
expires: Wed, 02 Nov 2022 19:05:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: gd1y4SS3cfnBY7RRlk90cDsl6_AsggbsrGPtlyL52UvZlfZaTiV-eg==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 156F 13 KB
13 KB 13ms
13ms Image
image/svg+xml 2600:9000:2057:ee00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ee00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.45ce3ab7627dd20241bfd7e5b01d3737.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 16269279
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Cqy9OOqhTVh5wJxvovEO116by7k1h0LGDM1mk6hqrL_Qdiz4OrRmSQ==
x-cache-hits: 0

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame 0122 45 KB
17 KB 31ms
30ms Script
text/javascript 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 459
date: Tue, 02 Nov 2021 21:44:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 02 Nov 2021 23:44:41 GMT

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
429 B 143ms
42ms Image
image/gif 2606:4700::6810:a00d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.944006922505712
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 7
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6a8096e24ad40e26-MXP
x-amz-request-id: KQNTCKCPP92YSV5A
x-amz-id-2: IdoW0psypTkVJ8IiRS7Mc3H3VKs5+CY1Sq/19lajSNXcx3UQgZTET2z1z5/0BVlKelITSCSZlxg=

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
102 B 143ms
43ms Image
image/gif 2606:4700::6810:a00d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.944006922505712
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:20 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 7
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6a8096e24ad90e26-MXP
x-amz-request-id: KQNTCKCPP92YSV5A
x-amz-id-2: IdoW0psypTkVJ8IiRS7Mc3H3VKs5+CY1Sq/19lajSNXcx3UQgZTET2z1z5/0BVlKelITSCSZlxg=

POST
H/1.1 200
OK / Show response
xn--r1a.website/v/ Frame 0D6B 4 B
491 B 204ms
204ms XHR
application/json 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--r1a.website/v/

Requested by

Host: tlgr.org
URL: https://tlgr.org/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Accept: */*
Referer: https://xn--r1a.website/s/TheTrueDefender
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:20 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=35768000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: no-store
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 206
Partial Content e147b27a2d.mp4
cdn4.telesco.pe/file/ Frame 0D6B 65 KB
66 KB 37ms
36ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

7fb0d6eef52ad36c85847fc0b0a93bd0748190aa0b58b1e7ddf95b8f106f1dea

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=1867776-

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 1867776-1934703/1934704
Connection: keep-alive
Content-Length: 66928
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.20.1
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 206
Partial Content 7dd0175d4a.mp4
cdn4.telesco.pe/file/ Frame 0D6B 104 KB
105 KB 67ms
67ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

ebf628237fab3f0d9615ebe814b9c639a3d8aa71d61e700a985560532fd0ea56

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=9568256-

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 9568256-9675013/9675014
Connection: keep-alive
Content-Length: 106758
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Accept-Ranges: 0-9675014
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 206
Partial Content cb97b02095.mp4
cdn4.telesco.pe/file/ Frame 0D6B 113 KB
114 KB 55ms
54ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2f86b3f504c6dee16b7afdb28a4af802c0ea8fc39fb67dc3180dcd9fabe9f0c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=1409024-

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 1409024-1524796/1524797
Connection: keep-alive
Content-Length: 115773
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Accept-Ranges: 0-1524797
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 206
Partial Content e147b27a2d.mp4
cdn4.telesco.pe/file/ Frame 0D6B 95 KB
0 38ms
38ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=32768-

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 32768-1934703/1934704
Connection: keep-alive
Content-Length: 1901936
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.20.1
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 206
Partial Content 7dd0175d4a.mp4
cdn4.telesco.pe/file/ Frame 0D6B 143 KB
0 79ms
79ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=32768-

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 32768-9675013/9675014
Connection: keep-alive
Content-Length: 9642246
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Accept-Ranges: 0-9675014
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H/1.1 206
Partial Content cb97b02095.mp4
cdn4.telesco.pe/file/ Frame 0D6B 95 KB
0 70ms
70ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 London, United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=32768-

Response headers

Date: Tue, 02 Nov 2021 21:52:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 32768-1524796/1524797
Connection: keep-alive
Content-Length: 1492029
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: nginx/1.18.0
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Accept-Ranges: 0-1524797
Expires: Thu, 02 Dec 2021 21:52:20 GMT

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 226ms
36ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:21 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 03 Nov 2021 21:52:21 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
114 B 132ms
132ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:20 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
62 B 380ms
79ms XHR
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a8096e558833753-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
41 B 61ms
61ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:21 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 27ms
26ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=52544613088
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:20 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
309 B 106ms
105ms XHR
application/json 88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 140 B
823 B 27ms
27ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

eae1ffdb6fdd7704a8f58a0ae137925f5bfae61739d73de00c62cd423494578f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:21 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 06e97875-0f2b-43e5-9fe6-692a74235fc2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST prebid-request
onetag-sys.com/ 0
0

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
156 B 189ms
188ms XHR
text/plain 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a8096e3883e0e06-MXP

POST
H2 200 bid-request Show response
rtb.adpone.com/ 770 B
988 B 639ms
638ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=1217251311622&gdpr_applies=false&consentString=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8344a6a51143c26b02ba22367c0f7d3bfcff7951cc590f753e09aeba755cea7

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Nov 2021 21:52:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhJv0oMNBeNx%2FUqJD58DFh5zgWr5uTmvhNn9kBpqPFlgGqnDQ4CqIe15q5MEnPnA0o1wOeuPBGQMUGuVkNPa27%2BH9iYLKBliv5x7StivOGq172g0xIG7a2S2hbiN5%2F02Q8tB9QJpRmbJs%2Bwo"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a8096e38ce5e8fb-MXP

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1016 B
2 KB 114ms
114ms XHR
application/json 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 7723cbd4284fa4de9d098c53e0b0710e67f186370322d984913375c8aa45e4cc

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:20 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b5%3b77
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 42ms
42ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Tue, 02 Nov 2021 21:52:21 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 88ms
88ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d60f68c7b443a27ae8476859eb623b9b46a2d97e892cb317c317c07e77b8b2c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:21 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b17315fa-eda2-4088-9f7a-aa23b652e936
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame B983
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

41ms
8ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 02 Nov 2021 21:52:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date: Tue, 02 Nov 2021 21:52:21 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 5DCC 31 KB
11 KB 214ms
32ms Script
application/x-javascript 2.16.186.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.104 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Oct 2021 08:07:40 GMT
Server: AkamaiNetStorage
ETag: "0d7189fa1121540662ae60c7b7896c2f:1634717897.994352"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10406

POST ping
links.services.disqus.com/api/ 0
0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B353 11 KB
5 KB 91ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2019
date: Tue, 02 Nov 2021 21:52:21 GMT
content-length: 4685

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 65ms
18ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:21 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:25:58 GMT
server: nginx
etag: W/"6178c6c6-14b2b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 03 Nov 2021 21:52:21 GMT

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame F6F4 531 B
811 B 57ms
13ms Document
text/html 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22466229771115954545%22%2c%22adomain%22%3a%22johnreed.fitness%22%2c%22page%22%3a%221366485%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%229558186%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2267013%22%2c%22cid%22%3a%221010206%22%2c%22adid%22%3a%229558186%22%2c%22hash%22%3a%22-6598830072001205560%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage
Content-Length: 531
Date: Tue, 02 Nov 2021 21:52:21 GMT
Connection: keep-alive

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame B941 2 KB
1 KB 111ms
66ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvTjJJMk1EazROV1l0WmpNeE9TMDNaR1JsTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1MjIwNjg0MjI3NDQ5MDkzMDAvOTU1ODE4Ni85NDY0NjAyLzM5LzV2T0ZURm1NVEJpUUYxN1ZwVTRCb2lQTjdXLWpWMHlsa0ZnamxXYjdRT3cvMS8xMDAwLzAvMC8xNjkwMDgzLzMyNTcxNjY4NjgvMjI2NTg5LzEwMTAyMDYvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMTA0LzQyMDg0OS8wLzAvODUyMjA2ODQyMjc0NDkwOTMwMC96cmgvMC85OTk1Lzg3Lzk5OS8zMjIvMTk0LjM2LjEwOC4wLzAuMDAwLzE2MzU4ODk5NDAvMTYzNTkwMjU0MC8xMDAwLzIwNzkv/a6aQD_lExwp1eoDE5K6fv5P3KnA&nodeid=2629&group=zrh&auctionid=8522068422744909300&shardkey=8522068422744909300&sid=9464602&cid=9558186&price=0.236258&bp=a_cdgcfi&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.143
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.207.1 /
Resource Hash: 5e95edacefbf5579eb92a9299cae71cee87410fd4681b7108f1cddb5964074f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:21 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1635889940
Last-Modified: Tue, 02 Nov 2021 21:52:20 GMT
Server: MMBD/3.207.1
x-mm-latency: 47 (4)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x81, zrh-bidder-x143
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Tue, 02 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK aip
itx4.smartadserver.com/h/ Frame B941 43 B
436 B 55ms
19ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx4.smartadserver.com/h/aip?uii=466229771115956364&tmstp=6368387391&ckid=9042791116394692608&pubid=3&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16950%3b%24o%3d11100&acd=1635889940166&envtype=0&opid=57daa2be-4897-474e-bf4f-dcf9f8789f86&opdt=1635889940166&siteid=402008&tgt=%24dt%3d1t&gdpr=0&visit=S&statid=3&imptype=0&pgDomain=https%3a%2f%2fthetruedefender.com%2fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2f&cappid=9042791116394692608&capp=1&mcrdbt=1&insid=10104881&imgid=0&pgid=1366485&fmtid=89189&isLazy=0&rtb=1&rtbnid=2079&rtbbid=466229771115954545&rtbh=8103409e85103f4cb0c79d6dda5a7da0976f6bbc&rtblt=637714867401698629&rtbet=0&rtbptnid=25&cftgid=5cea8b1dab2b
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:20 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

sid Show response
mug.criteo.com/ Frame B353
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=thetruedefender.com&sn=ChromeSyncframe&so=0&topUrl=thetruedefender.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=y5HXgHxtLzh5amdZRUE5WWo5S2FvY0QreE1VbzNWYWVkT3BaNy9rV2t1Z1EzeFpOdEJNQjlZMHcxU0RCTGMxamc2L2JKQlZleHFzTGNFZmdPbTZwWGd1WjVHZVNiRHZ2b3AvbkJ3MDAyeDYxYXZzM0lYNDMzTStFRVZpaG...

449 B
634 B

68ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=y5HXgHxtLzh5amdZRUE5WWo5S2FvY0QreE1VbzNWYWVkT3BaNy9rV2t1Z1EzeFpOdEJNQjlZMHcxU0RCTGMxamc2L2JKQlZleHFzTGNFZmdPbTZwWGd1WjVHZVNiRHZ2b3AvbkJ3MDAyeDYxYXZzM0lYNDMzTStFRVZpaG9mT05GRXBJcHlLVDJTajlyZXhmcDIra29aNmtLUjN2YWVBOEpnckpuZ1krTkpubUR4bU9vVFZkSzljbHdpbDZPY01YdG1QQTFxenc1RFppcWVYUFdBbGNabUhNbVVKV3NsaDFjc0dRd0VwNjZBc1VjWXR6RmJzN0w0MXVyWUVZZlpTOFFhR2dJZ2ZkdXpINFVwNHI0eUUxK1liK3VnZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

071f953e4deef698c9a6c8540e2c4b311932137e5f5b2d3a219503c03f67d233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 02 Nov 2021 21:52:20 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2095
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 02 Nov 2021 21:52:20 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=y5HXgHxtLzh5amdZRUE5WWo5S2FvY0QreE1VbzNWYWVkT3BaNy9rV2t1Z1EzeFpOdEJNQjlZMHcxU0RCTGMxamc2L2JKQlZleHFzTGNFZmdPbTZwWGd1WjVHZVNiRHZ2b3AvbkJ3MDAyeDYxYXZzM0lYNDMzTStFRVZpaG9mT05GRXBJcHlLVDJTajlyZXhmcDIra29aNmtLUjN2YWVBOEpnckpuZ1krTkpubUR4bU9vVFZkSzljbHdpbDZPY01YdG1QQTFxenc1RFppcWVYUFdBbGNabUhNbVVKV3NsaDFjc0dRd0VwNjZBc1VjWXR6RmJzN0w0MXVyWUVZZlpTOFFhR2dJZ2ZkdXpINFVwNHI0eUUxK1liK3VnZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1897
content-length: 541
expires: 0

GET
H/1.1 200
OK 7vw59adviql2 Show response
hal9000.redintelligence.net/zone/ Frame B941 10 KB
3 KB 46ms
12ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/7vw59adviql2?subid=&gdpr=0&gdpr_consent=&rnd=8522068422744909300&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:sas&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8522068422744909300%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26mt_cid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26redirect%3D
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8727353028ec84a1d143d12d2e7f3db41228182be2abf4e03b27b642125a67c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:21 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2852
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame B941 49 B
330 B 75ms
36ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8522068422744909300&node_id=2629&exch_id=39
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvTjJJMk1EazROV1l0WmpNeE9TMDNaR1JsTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1MjIwNjg0MjI3NDQ5MDkzMDAvOTU1ODE4Ni85NDY0NjAyLzM5LzV2T0ZURm1NVEJpUUYxN1ZwVTRCb2lQTjdXLWpWMHlsa0ZnamxXYjdRT3cvMS8xMDAwLzAvMC8xNjkwMDgzLzMyNTcxNjY4NjgvMjI2NTg5LzEwMTAyMDYvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMTA0LzQyMDg0OS8wLzAvODUyMjA2ODQyMjc0NDkwOTMwMC96cmgvMC85OTk1Lzg3Lzk5OS8zMjIvMTk0LjM2LjEwOC4wLzAuMDAwLzE2MzU4ODk5NDAvMTYzNTkwMjU0MC8xMDAwLzIwNzkv/a6aQD_lExwp1eoDE5K6fv5P3KnA&nodeid=2629&group=zrh&auctionid=8522068422744909300&shardkey=8522068422744909300&sid=9464602&cid=9558186&price=0.236258&bp=a_cdgcfi&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.143
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.207.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:21 GMT
Server: MMBD/3.207.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x94, zrh-bidder-x143
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 02 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame B941 43 B
372 B 116ms
48ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=39&v2=8522068422744909300&v3=1010206&v4=9464602&v5=9558186&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvTjJJMk1EazROV1l0WmpNeE9TMDNaR1JsTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1MjIwNjg0MjI3NDQ5MDkzMDAvOTU1ODE4Ni85NDY0NjAyLzM5LzV2T0ZURm1NVEJpUUYxN1ZwVTRCb2lQTjdXLWpWMHlsa0ZnamxXYjdRT3cvMS8xMDAwLzAvMC8xNjkwMDgzLzMyNTcxNjY4NjgvMjI2NTg5LzEwMTAyMDYvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMTA0LzQyMDg0OS8wLzAvODUyMjA2ODQyMjc0NDkwOTMwMC96cmgvMC85OTk1Lzg3Lzk5OS8zMjIvMTk0LjM2LjEwOC4wLzAuMDAwLzE2MzU4ODk5NDAvMTYzNTkwMjU0MC8xMDAwLzIwNzkv/a6aQD_lExwp1eoDE5K6fv5P3KnA&nodeid=2629&group=zrh&auctionid=8522068422744909300&shardkey=8522068422744909300&sid=9464602&cid=9558186&price=0.236258&bp=a_cdgcfi&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.143
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4067 88cc6bf master cdg-pixel-x2 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:21 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame B941 49 B
330 B 69ms
30ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=sas&bid=8522068422744909300&st=9464602&time=1635889941&nodeid=2629
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvTjJJMk1EazROV1l0WmpNeE9TMDNaR1JsTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1MjIwNjg0MjI3NDQ5MDkzMDAvOTU1ODE4Ni85NDY0NjAyLzM5LzV2T0ZURm1NVEJpUUYxN1ZwVTRCb2lQTjdXLWpWMHlsa0ZnamxXYjdRT3cvMS8xMDAwLzAvMC8xNjkwMDgzLzMyNTcxNjY4NjgvMjI2NTg5LzEwMTAyMDYvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMTA0LzQyMDg0OS8wLzAvODUyMjA2ODQyMjc0NDkwOTMwMC96cmgvMC85OTk1Lzg3Lzk5OS8zMjIvMTk0LjM2LjEwOC4wLzAuMDAwLzE2MzU4ODk5NDAvMTYzNTkwMjU0MC8xMDAwLzIwNzkv/a6aQD_lExwp1eoDE5K6fv5P3KnA&nodeid=2629&group=zrh&auctionid=8522068422744909300&shardkey=8522068422744909300&sid=9464602&cid=9558186&price=0.236258&bp=a_cdgcfi&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.135.143
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.207.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:21 GMT
Server: MMBD/3.207.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x42, zrh-bidder-x143
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 02 Nov 2021 21:52:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B983 31 KB
10 KB 10ms
9ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 934ae5d93b0fa3d644fb2582defb5eef59982cc5c72dc338d58656c2e44de14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 17:32:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73953
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9395
Expires: Wed, 03 Nov 2021 18:24:54 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B983 284 B
536 B 66ms
8ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/jpg

GET
H/1.1

200
OK

request.php Show response
hal900016.redintelligence.net/ Frame B941
Redirect Chain

https://hal900016.redintelligence.net/request.php?zone=7vw59adviql2&nw=20&renderingType=javascript&namespace=3755b04aae&subid=&uid=83f09655ef0a7330&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900016.redintelligence.net/request.php?zone=7vw59adviql2&nw=20&renderingType=javascript&namespace=3755b04aae&subid=&uid=83f09655ef0a7330&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
935 B

71ms
49ms

Script
application/x-javascript

138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request.php?zone=7vw59adviql2&nw=20&renderingType=javascript&namespace=3755b04aae&subid=&uid=83f09655ef0a7330&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Asas&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8522068422744909300%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26mt_cid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26redirect%3D&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&random=6398875256767&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/
Protocol: HTTP/1.1
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e62414ffb988b8ff08ae3b877d3fec3f38f3773ec63f726e9352769951fa6053

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:21 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 58733500250797203500432011766016
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 329
Expires: Tue, 02 Nov 2021 21:52:21 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:21 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=7vw59adviql2&nw=20&renderingType=javascript&namespace=3755b04aae&subid=&uid=83f09655ef0a7330&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Asas&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8522068422744909300%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26mt_cid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26redirect%3D&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&random=6398875256767&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 02 Nov 2021 21:52:21 +0100

GET
H/1.1 200
OK request_content.php Show response
hal900016.redintelligence.net/ Frame E739 4 KB
2 KB 35ms
13ms Document
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request_content.php?s=58733500250797203500432011766016&a=2ed0d314
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=7vw59adviql2&nw=20&renderingType=javascript&namespace=3755b04aae&subid=&uid=83f09655ef0a7330&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Asas&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8522068422744909300%26mt_id%3D9558186%26mt_adid%3D226589%26mt_sid%3D9464602%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26mt_cid%3D37cd6181-b315-4a01-9dc4-5b657bf75408%26redirect%3D&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fthousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&random=6398875256767&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e79482f5d457ca4e23fd2200b4dbc9ad872e24f20e7d9d7b188e2bc778d7bef3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Date: Tue, 02 Nov 2021 21:52:21 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 02 Nov 2021 21:52:21 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1523
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame E739 747 B
941 B 103ms
22ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=50457257;click=https%3A%2F%2Fhal900016.redintelligence.net%2Fc%2Fpmd8nhncy2dmmvp%3Ftprde%3D

Requested by

Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=58733500250797203500432011766016&a=2ed0d314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

91b66b071069f848a73997d924408d7f88dcebaeb3921a472cd388b0c9036a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 548
expires: -1

GET
H/1.1 200
OK viewability Show response
hal900016.redintelligence.net/ Frame E739 0
150 B 37ms
13ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/viewability?s=58733500250797203500432011766016&a=484abb88&vb=m
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=58733500250797203500432011766016&a=2ed0d314
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/request_content.php?s=58733500250797203500432011766016&a=2ed0d314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame E739 33 KB
16 KB 122ms
22ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=50457257;click=https%3A%2F%2Fhal900016.redintelligence.net%2Fc%2Fpmd8nhncy2dmmvp%3Ftprde%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:21 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 04 Nov 2021 01:18:17 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame E739 4 KB
2 KB 22ms
22ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=50457257;click=https%3A%2F%2Fhal900016.redintelligence.net%2Fc%2Fpmd8nhncy2dmmvp%3Ftprde%3D;js=1;adfxid=1x;2385;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fthetruedefender.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6c5c8e0b5e2e8acb7cec79788140b4c7b27268b6fe17a5587c51add17fa67eaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2026
expires: -1

GET
DATA 200
OK truncated
/ Frame E739 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame E739 851 B
1 KB 121ms
9ms Script
application/javascript 85.114.131.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=58733500250797203500432011766016&a=2ed0d314
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21037.dus4.fastwebserver.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:22 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame E739 90 KB
39 KB 29ms
29ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 04 Nov 2021 01:18:22 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame E739 35 B
478 B 22ms
21ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=50457257&csi=cXr-w60xEotuCKKLHQ7mylnjbIKNc61ep0tSJ5z2zVfrygPkIxxfk46MHdbf6wf4KN_FQcm2Z7E9UW3esWxHXt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900016.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:22 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900016.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 10431995.js Show response
s1.adform.net/Banners/Elements/Files/169192/10431995/ Frame F116 6 KB
2 KB 21ms
21ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/10431995.js?ADFassetID=10431995&bv=515

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3b6dabc25c6f2284c68ffa1a0a016d6d8eac85d2244675ee2c94d910255b010e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
content-encoding: gzip
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: W/"617585a5-191a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame F116 30 KB
13 KB 26ms
25ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 12:35:29 GMT
server: nginx
etag: W/"609e6e91-76d9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 logo1_linie.png
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 374 B
671 B 27ms
25ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/logo1_linie.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4fb7da1e767138bdd223778786f7b3a48072fd689f029940600fcc5678efcbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-176"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 374

GET
H2 200 logo1.png
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 11 KB
11 KB 29ms
27ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/logo1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5f2f18aec7345dd5c5af496b485f07156f039b3fbd091e52418ee993885175ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-2afd"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 11005

GET
H2 200 logo2.png
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 6 KB
6 KB 30ms
29ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/logo2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b4bd66d27bcd179af78cc5596a6ebb04457528cd7d4344760c9119ce7b26e233

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-175b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 5979

GET
H2 200 motiv1.jpg
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 18 KB
18 KB 34ms
32ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/motiv1.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7c3486c8d6b8a89a785cd2bd20bd64487a6518900720d85999ecefffc246c076

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-4731"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 18225

GET
H2 200 txt1.png
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 7 KB
7 KB 36ms
35ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/txt1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cf19b50b61fcb709cac17f29d02dddb82a9711227585e2607dd5ef42b613fa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-1bcb"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 7115

GET
H2 200 txt12.png
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 1 KB
2 KB 37ms
36ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/txt12.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

323f9384b04de16655cc1378fd2655ff02e512ff2c2536d5ab8e0d7ac9a1037c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-536"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 1334

GET
H2 200 txt2.png
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 3 KB
4 KB 37ms
36ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/txt2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a1eb43d3b2628d370e2446a492808c177f039292f007b984a851a70812753b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-d65"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3429

GET
H2 200 motiv2.jpg
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 34 KB
34 KB 41ms
40ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/motiv2.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

257aa0fe09b3bf4b6c1869211fdbd95f9e56d739dabb3be9808764270a00e410

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-87cf"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 34767

GET
H2 200 unten.png
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 852 B
1 KB 46ms
45ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/unten.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8a3444042157f7809f0fab7cad136bf9b3a383c2d2b3b3b87311e55c85ee0837

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-354"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 852

GET
H2 200 txt4.png
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 816 B
1 KB 47ms
46ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/txt4.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7df1f509c76a628ef5d5ad7786b00a73603a4fdb7cdb104d4ec2e69a59e89275

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-330"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 816

GET
H2 200 motiv3.jpg
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 34 KB
34 KB 49ms
48ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/motiv3.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6577a7f099bb2427321e33527186d259d4b6e248497fdc97a6600d51d6a8484a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-883a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 34874

GET
H2 200 cta.png
s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/ Frame F116 3 KB
4 KB 53ms
53ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/169192/10431995/bvpath_515/images/cta.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9bd22f7705467d07c0f399042993aa71ff4fc0d708a6e5d654d2d8b06e7cf287

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:22 GMT
last-modified: Sun, 24 Oct 2021 16:11:17 GMT
server: nginx
etag: "617585a5-da5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3493

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame 5DCC 43 B
163 B 91ms
20ms Image
image/gif 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1635889941121&pid=1366485&iid=10104881&cid=0&key=viewcount&rtb=1&rtbbid=466229771115954545&rtbet=0&rtblt=637714867401698629&rtbnid=2079&rtbh=8103409e85103f4cb0c79d6dda5a7da0976f6bbc&ts=1635889941121
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:21 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK viewability Show response
hal900016.redintelligence.net/ Frame E739 0
150 B 34ms
12ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/viewability?s=58733500250797203500432011766016&a=484abb88&vb=v
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=58733500250797203500432011766016&a=2ed0d314
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/request_content.php?s=58733500250797203500432011766016&a=2ed0d314
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 /
track.adform.net/serving/unload/ Frame E739 35 B
478 B 21ms
21ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=102534494300021785@@50457257,2180956389242426510,100|1200|0|0|0|0|0|0|0||47|1|||||1|0|0|UDIayQXHERZcPlakbYq96RZf4KTsCaLNsosmjXY3fzQ-6N9HS3kS4Im3nyX34Xgm0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900016.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:23 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900016.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=CfSqJ3xmQ2cyalNDVWVxaTB6WmsyRVhyaUdrZ0VReDBncHF2Zk11bjc5dXJ2RURrR1ZDMWo0a1F1UEl5TEV0MWhGVmZyb2toM3gwOU9GU1hzeDFTZVMzOW5IYWlYU0FBdFozVkR6Tk9JUlNheU53UFdIQXNYWDFBa3E2eT...

465 B
692 B

19ms
18ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=CfSqJ3xmQ2cyalNDVWVxaTB6WmsyRVhyaUdrZ0VReDBncHF2Zk11bjc5dXJ2RURrR1ZDMWo0a1F1UEl5TEV0MWhGVmZyb2toM3gwOU9GU1hzeDFTZVMzOW5IYWlYU0FBdFozVkR6Tk9JUlNheU53UFdIQXNYWDFBa3E2eTNyaFIwbEhaMEV4emVzZmVHRks3cnkxM3ZsNkRFUXZ6c0tKZ0ZEcWYzcU91a3pIU2VoSjF2RUd0VzJDaWlGdXdLQnY1SUVqb1hnbXNGaEo3R24wbVZSd3dPTWhESzk1c21Ud1l1ZWYvTktsWVo2RjgzK2JleERHTlNWbXh3a3BoTWc2WFd4am1CRVA4NXUxbXFIcS9CL2FjUmhLVEk0Smw4Q1Q1OGQ2d2Q3WjVBaVQrRlR2ST18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

166947202db131a556e24bba1116e1a2c11532a1db3487b3b0984388bff9bc14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 02 Nov 2021 21:52:24 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2115
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 02 Nov 2021 21:52:23 GMT
location: https://mug.criteo.com/sid?cpp=CfSqJ3xmQ2cyalNDVWVxaTB6WmsyRVhyaUdrZ0VReDBncHF2Zk11bjc5dXJ2RURrR1ZDMWo0a1F1UEl5TEV0MWhGVmZyb2toM3gwOU9GU1hzeDFTZVMzOW5IYWlYU0FBdFozVkR6Tk9JUlNheU53UFdIQXNYWDFBa3E2eTNyaFIwbEhaMEV4emVzZmVHRks3cnkxM3ZsNkRFUXZ6c0tKZ0ZEcWYzcU91a3pIU2VoSjF2RUd0VzJDaWlGdXdLQnY1SUVqb1hnbXNGaEo3R24wbVZSd3dPTWhESzk1c21Ud1l1ZWYvTktsWVo2RjgzK2JleERHTlNWbXh3a3BoTWc2WFd4am1CRVA4NXUxbXFIcS9CL2FjUmhLVEk0Smw4Q1Q1OGQ2d2Q3WjVBaVQrRlR2ST18&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2213
content-length: 567
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 56ms
22ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://thetruedefender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://thetruedefender.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1417
date: Tue, 02 Nov 2021 21:52:23 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3972 52 KB
17 KB 83ms
26ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 03 Nov 2021 21:52:26 GMT
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame E65D 658 B
837 B 65ms
65ms Document
text/html 88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: a3cfff1f84f089837e93a0d14f52efcf01560750ab9fff5c3a0fcaa705d9b34b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 7340 658 B
837 B 65ms
64ms Document
text/html 88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 0527ce5b5792f6d9b63ea01a0ceab6ba6603c441f35be4fbba6823f88ace6f75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6418 52 KB
17 KB 79ms
26ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 03 Nov 2021 21:52:26 GMT
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame 0953 3 KB
802 B 170ms
160ms Document
text/html 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93f93bb11d7fad6a56886d7f4c335e43c924d046744b285ce6a04f16030f63fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a8096f64e230e06-MXP
content-encoding: gzip

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0CAB 52 KB
17 KB 80ms
28ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 03 Nov 2021 21:52:26 GMT
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 8020 1 KB
749 B 76ms
66ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a8096f64fca3753-MXP
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 0BB5 2 KB
823 B 3967ms
3967ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1635889941104

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame D0D6 1 KB
703 B 83ms
77ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a8096f64fc13753-MXP
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 7EBC 1 KB
704 B 81ms
75ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a8096f64fc53753-MXP
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame BE41 1 KB
704 B 72ms
67ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a8096f64fcd3753-MXP
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame C71C 442 B
439 B 34ms
33ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 08:16:03 GMT
vary: Accept-Encoding

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame FEED 3 KB
833 B 172ms
170ms Document
text/html 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1ec47f2cdbe72cfa78eea0aa8630c75a0b146d36473ac659fecaf00475fc098

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a8096f64e270e06-MXP
content-encoding: gzip

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 18BF 442 B
348 B 33ms
33ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 08:16:03 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C071 52 KB
17 KB 71ms
27ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 03 Nov 2021 21:52:26 GMT
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 6917 0
159 B 70ms
69ms Document
text/html 88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame FC42 442 B
348 B 33ms
33ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 08:16:03 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 064B 52 KB
17 KB 78ms
29ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 03 Nov 2021 21:52:26 GMT
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame B50A 0
159 B 69ms
69ms Document
text/html 88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 0EC6 442 B
348 B 33ms
33ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 08:16:03 GMT
vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame FF78 0
159 B 68ms
67ms Document
text/html 88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame DC33 442 B
348 B 32ms
32ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 08:16:03 GMT
vary: Accept-Encoding

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame C5CE 3 KB
798 B 158ms
157ms Document
text/html 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94e8d8f83302bda3ed4be6f5137a76a8f5643327be490f4ac1598a54231d146c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a8096f64e3b0e06-MXP
content-encoding: gzip

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame B1F8 3 KB
795 B 152ms
150ms Document
text/html 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135204107165e54331e24daab6240378ec324d61d93457685ac665efd401ea08

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a8096f64e450e06-MXP
content-encoding: gzip

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame 9688 3 KB
933 B 149ms
148ms Document
text/html 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 260ef93bb89130614a4d3ff6448bac862f17fdafcb435e1c0973ab8aaa711356

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a8096f65e480e06-MXP
content-encoding: gzip

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 3112 1 KB
704 B 73ms
73ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a8096f658053753-MXP
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 68B9 2 KB
823 B 3949ms
3948ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1635889941038

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E48D 2 KB
823 B 3949ms
3949ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1635889941035

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 3952ms
3949ms Image
text/plain 51.75.86.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7026093813632268437&gdpr=0&gdpr_consent=

43 B
448 B

18ms
18ms

Image
image/gif

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7026093813632268437&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7026093813632268437&gdpr=0&gdpr_consent=
Date: Tue, 02 Nov 2021 21:52:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=37cd6181-b315-4a01-9dc4-5b657bf75408&gdpr=0&gdpr_consent=

43 B
425 B

94ms
18ms

Image
image/gif

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=37cd6181-b315-4a01-9dc4-5b657bf75408&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:23 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x12 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=37cd6181-b315-4a01-9dc4-5b657bf75408&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 02 Nov 2021 21:52:23 GMT

GET
H2 204 get_user_agent_id
cookie-matching.mediarithmics.com/v1/ 0
85 B 65ms
16ms Image
text/plain 164.132.158.126
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=smart17&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

164.132.158.126 , France, ASN16276 (OVH, FR),

Reverse DNS

ip126.ip-164-132-158.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cf40501b-bda5-419d-aa55-d5c5593146ff&gdpr=0&gdpr_consent=

43 B
425 B

53ms
17ms

Image
image/gif

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cf40501b-bda5-419d-aa55-d5c5593146ff&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:23 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:23 GMT
server: Kestrel
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=cf40501b-bda5-419d-aa55-d5c5593146ff&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13120321
content-length: 0
expires: Tue, 02 Nov 2021 00:00:00 GMT

GET
H/1.1 204
No Content /
b1sync.zemanta.com/usersync/smart/ 0
64 B 451ms
109ms Image
text/plain 50.31.142.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:24 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 44ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1217
date: Tue, 02 Nov 2021 21:52:23 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame C71C 103 KB
27 KB 112ms
44ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 18BF 103 KB
27 KB 124ms
57ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame FC42 103 KB
27 KB 137ms
69ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

match
ads.betweendigital.com/ Frame E65D
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b3b0198e-6501-408d-b08a-a55ff055dce3
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=b3b0198e-6501-408d-b08a-a55ff055dce3
https://x.bidswitch.net/sync?dsp_id=4&user_id=c2f1760c-f2fd-48c2-aaba-8eac511ce7ce&ssp=between&expires=30&user_group=5&bsw_param=b3b0198e-6501-408d-b08a-a55ff055dce3
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3

68 B
607 B

98ms
97ms

Image
image/png

88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3
Date: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame E65D
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=8eZzOFdEKI4.AikABlF84qOWug

68 B
607 B

65ms
64ms

Image
image/png

88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=8eZzOFdEKI4.AikABlF84qOWug
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f4-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=8eZzOFdEKI4.AikABlF84qOWug
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame E65D
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiY5oaMBlIFvp7KygpiJDZmMmNmZWYwLThmOWYtNTEzMy04MjZhLTU0ZTVlM2ViZTdmMQ**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiY5oaMBlIFvp7KygpiJDZmMmNmZWYwLThmOWYtNTEzMy04MjZhLTU0ZTVlM2ViZTdmMaIBECm358w8JxHspukAJZDIJDc*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiY5oaMBmIkNmYyY2ZlZjAtOGY5Zi01MTMzLTgyNmEtNTRlNWUzZWJlN2YxogEQKbfnzDwnEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiY5oaMBmIkNmYyY2ZlZjAtOGY5Zi01MTMzLTgyNmEtNTRlNWUzZWJlN2YxogEQKbfnzDwnEeym6QAlkMgkNw**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=29b7e7cc-3c27-11ec-a6e9-002590c82437

68 B
607 B

153ms
153ms

Image
image/png

88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=29b7e7cc-3c27-11ec-a6e9-002590c82437
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=29b7e7cc-3c27-11ec-a6e9-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame E65D
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=4f681b0473f12007d534bb6d

68 B
607 B

64ms
64ms

Image
image/png

88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=4f681b0473f12007d534bb6d
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=4f681b0473f12007d534bb6d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 0EC6 103 KB
27 KB 131ms
70ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame DC33 103 KB
27 KB 84ms
70ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 0877 4 KB
1 KB 142ms
6ms Document
text/html 151.236.71.82
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&CACHEBUSTER=556578
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.82 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H2

200

match
ads.betweendigital.com/ Frame 7340
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://px.adhigh.net/p/cm/bsw?u=b3b0198e-6501-408d-b08a-a55ff055dce3&bidswitch_ssp_id=between
https://px.adhigh.net/p/cm/bsw?u=b3b0198e-6501-408d-b08a-a55ff055dce3&bidswitch_ssp_id=between&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=8eZzOFdEKI4.AikABlF84qOWug&expires=30&ssp=between
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3

68 B
607 B

153ms
153ms

Image
image/png

88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3
Date: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 7340
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=8eZzOFdEKI4.AikABlF84qOWug

68 B
607 B

66ms
65ms

Image
image/png

88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=8eZzOFdEKI4.AikABlF84qOWug
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f4-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=8eZzOFdEKI4.AikABlF84qOWug
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 7340
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=4f681b0473f12007d534bb6d

68 B
607 B

66ms
65ms

Image
image/png

88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=4f681b0473f12007d534bb6d
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=4f681b0473f12007d534bb6d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

match
ads.betweendigital.com/ Frame 7340
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiY5oaMBlIFvp7KygpiJDZmMmNmZWYwLThmOWYtNTEzMy04MjZhLTU0ZTVlM2ViZTdmMQ**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiY5oaMBlIFvp7KygpiJDZmMmNmZWYwLThmOWYtNTEzMy04MjZhLTU0ZTVlM2ViZTdmMaIBECm36248JxHshuAAJZDAZHw*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQAhiY5oaMBlIFvp7KygpiJDZmMmNmZWYwLThmOWYtNTEzMy04MjZhLTU0ZTVlM2ViZTdmMaIBECm358w8JxHspukAJZDIJDc*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiY5oaMBmIkNmYyY2ZlZjAtOGY5Zi01MTMzLTgyNmEtNTRlNWUzZWJlN2YxogEQKbfnzDwnEeym6QAlkMgkNw**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=29b7e7cc-3c27-11ec-a6e9-002590c82437

68 B
607 B

154ms
154ms

Image
image/png

88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=29b7e7cc-3c27-11ec-a6e9-002590c82437
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=29b7e7cc-3c27-11ec-a6e9-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 3742 4 KB
1 KB 128ms
7ms Document
text/html 151.236.71.82
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&CACHEBUSTER=539532
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.82 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Tue, 02 Nov 2021 21:52:24 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6418 0
731 B 15ms
14ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 79eeeb99-fbe2-4e35-8e23-0a013585a6cf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3972 0
731 B 18ms
18ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4480cf3f-1869-4c6a-b0cf-542955ccb2db
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C071 0
731 B 35ms
33ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5fee7cb6-e1f8-46de-88ee-5c8132b7c10e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0CAB 0
731 B 40ms
40ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 352f0890-2945-4569-a900-f703580ab95a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 064B 0
731 B 55ms
55ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f2dfadb5-bb76-4fe5-ab52-7152bb83b03d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame A7A6 0
0 55ms
45ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.connectad.io/

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a8096f7ab7f3753-MXP

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9688
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A

43 B
95 B

277ms
275ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f82a4a0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame 9688
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

8ms
7ms

Image
image/gif

51.89.21.5
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p38.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:15 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Tue, 02 Nov 2021 21:52:15 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2 200 cs
cs.lkqd.net/ Frame 9688 43 B
309 B 280ms
90ms Image
image/gif 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9688
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873

43 B
95 B

153ms
148ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f7e9d90e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3e7932a6-7428-46b1-8051-e2823335cbdb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9688
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=7b6f1b2a-96f2-440d-9c1d-15a0c45be396

43 B
95 B

147ms
146ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=7b6f1b2a-96f2-440d-9c1d-15a0c45be396
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f93c9e0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=7b6f1b2a-96f2-440d-9c1d-15a0c45be396
date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f7c9800e06-MXP
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9688
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873

43 B
95 B

155ms
151ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f7e9da0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e85bc9ec-d5aa-4b0c-a64b-48b5e3122f23
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9688
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3896099349
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3896099349
https://sync.1rx.io/usersync/tradedesk/8e1782ca-b848-417c-ad73-a00de8522d67
https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c63a55e-01af-4095-8f3e-422e699...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003

43 B
95 B

164ms
164ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f98d0f0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003
date: Tue, 02 Nov 2021 21:52:24 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX3c63a55e01af40958f3e422e69994212003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9688
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a

43 B
95 B

151ms
151ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f89b3e0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9688
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d

43 B
95 B

150ms
147ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f80a130e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 9688 0
474 B 86ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 9688
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d35b0059-5249-4829-8009-5a42a0d432e8

43 B
95 B

149ms
149ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d35b0059-5249-4829-8009-5a42a0d432e8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f82a520e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d35b0059-5249-4829-8009-5a42a0d432e8
date: Tue, 02 Nov 2021 21:52:24 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0953
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d

43 B
95 B

150ms
150ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f81a1e0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 cs
cs.lkqd.net/ Frame 0953 43 B
308 B 287ms
91ms Image
image/gif 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 0953 0
474 B 84ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0953
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873

43 B
118 B

287ms
284ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f82a370e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cef4caa8-26f2-4371-ad85-99f8dee75290
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0953
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=16b5ddd5-bf55-4400-9fa1-76f739143ba1

43 B
95 B

150ms
148ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=16b5ddd5-bf55-4400-9fa1-76f739143ba1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f81a1a0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=16b5ddd5-bf55-4400-9fa1-76f739143ba1
date: Tue, 02 Nov 2021 21:52:24 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0953
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A

43 B
95 B

154ms
153ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f82a430e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame 0953
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

13ms
13ms

Image
image/gif

51.89.21.5
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p38.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:15 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Tue, 02 Nov 2021 21:52:15 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0953
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873

43 B
95 B

274ms
273ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f82a4f0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b4ae9936-bded-4217-bf5d-59ed14b9c7ee
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0953
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=66a89f12-5ab4-4ea4-9d80-ca26f2f8e17c

43 B
95 B

165ms
165ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=66a89f12-5ab4-4ea4-9d80-ca26f2f8e17c
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f93c930e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=66a89f12-5ab4-4ea4-9d80-ca26f2f8e17c
date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f7c9830e06-MXP
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

200

RX-3c63a55e-01af-4095-8f3e-422e69994212-003
sync.targeting.unrulymedia.com/csync/ Frame 0953
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3763736074
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3763736074
https://sync.1rx.io/usersync/tradedesk/93fd85dc-2c35-4966-93ea-5d3eceb7b5bf
https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003

43 B
395 B

41ms
14ms

Image
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003
pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0953
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a

43 B
95 B

291ms
291ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f89b400e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame B1F8 0
478 B 82ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame B1F8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873

43 B
95 B

151ms
148ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f7e9bd0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 64766324-c416-41fc-a2ef-3729b8017530
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame B1F8
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=a5ff3dc6-2a08-4586-be02-ea734b6beae7

43 B
95 B

166ms
164ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=a5ff3dc6-2a08-4586-be02-ea734b6beae7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f81a190e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=a5ff3dc6-2a08-4586-be02-ea734b6beae7
date: Tue, 02 Nov 2021 21:52:24 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame B1F8
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O3m5wj9E2uHn_FTl_.RYCZ5qlpYLvwjKWVyRXLk-~A

43 B
95 B

271ms
270ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O3m5wj9E2uHn_FTl_.RYCZ5qlpYLvwjKWVyRXLk-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f82a4b0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O3m5wj9E2uHn_FTl_.RYCZ5qlpYLvwjKWVyRXLk-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame B1F8
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

15ms
15ms

Image
image/gif

51.89.21.5
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p38.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:15 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Tue, 02 Nov 2021 21:52:15 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2 200 cs
cs.lkqd.net/ Frame B1F8 43 B
308 B 275ms
94ms Image
image/gif 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

setuid
sync.quantumdex.io/ Frame B1F8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873

43 B
95 B

150ms
147ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f80a170e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4eb3baa3-9605-404c-ad30-7db24fb9c59e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame B1F8
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a6a8c8f9-fbbb-448a-9767-2fb4e4304e4d

43 B
95 B

155ms
155ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a6a8c8f9-fbbb-448a-9767-2fb4e4304e4d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f95cc90e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a6a8c8f9-fbbb-448a-9767-2fb4e4304e4d
date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f7c97e0e06-MXP
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

200

setuid
sync.quantumdex.io/ Frame B1F8
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5381084455
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5381084455
https://sync.1rx.io/usersync/tradedesk/8e1782ca-b848-417c-ad73-a00de8522d67
https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c63a55e-01af-4095-8f3e-422e699...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003

43 B
95 B

151ms
150ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f98d0d0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003
date: Tue, 02 Nov 2021 21:52:24 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX3c63a55e01af40958f3e422e69994212003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame B1F8
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a

43 B
95 B

272ms
272ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f89b3a0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame B1F8
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d

43 B
95 B

277ms
277ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f89b420e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

setuid
sync.quantumdex.io/ Frame C5CE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873

43 B
106 B

152ms
152ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f7d9a70e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: aade8137-8ddb-44eb-99c5-3cfd85b6d6ef
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame C5CE
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2471066311
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2471066311
https://sync.1rx.io/usersync/tradedesk/8e1782ca-b848-417c-ad73-a00de8522d67
https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c63a55e-01af-4095-8f3e-422e699...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003

43 B
95 B

151ms
151ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f98d100e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003
date: Tue, 02 Nov 2021 21:52:24 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX3c63a55e01af40958f3e422e69994212003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame C5CE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O3m5wj9E2uHn_FTl_.RYCZ5qlpYLvwjKWVyRXLk-~A

43 B
95 B

146ms
145ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O3m5wj9E2uHn_FTl_.RYCZ5qlpYLvwjKWVyRXLk-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f85aa70e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-O3m5wj9E2uHn_FTl_.RYCZ5qlpYLvwjKWVyRXLk-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame C5CE
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a

43 B
95 B

145ms
145ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f89b3c0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame C5CE
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d

43 B
95 B

153ms
152ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f82a510e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 cs
cs.lkqd.net/ Frame C5CE 43 B
308 B 257ms
92ms Image
image/gif 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame C5CE 0
474 B 63ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame C5CE
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=52a65a48-07dd-4860-aee8-feed68a02d00

43 B
95 B

149ms
147ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=52a65a48-07dd-4860-aee8-feed68a02d00
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f81a1c0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=52a65a48-07dd-4860-aee8-feed68a02d00
date: Tue, 02 Nov 2021 21:52:24 GMT
content-length: 0

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame C5CE
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

12ms
10ms

Image
image/gif

51.89.21.5
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p38.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:15 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Tue, 02 Nov 2021 21:52:15 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame C5CE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873

43 B
95 B

262ms
262ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f87af10e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3e495e61-ed2d-4339-8b1d-5f88339e678a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame C5CE
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=10fb9827-5f20-41d7-89f8-e79dcddf43f2

43 B
95 B

171ms
171ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=10fb9827-5f20-41d7-89f8-e79dcddf43f2
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f9bd810e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=10fb9827-5f20-41d7-89f8-e79dcddf43f2
date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f83a5e0e06-MXP
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEED
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873

43 B
95 B

159ms
155ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f7e9d60e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1eef6a4f-ee39-4adf-b6a7-b3109b1c60bb
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=5144825251432877873
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEED
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=215445d3-723f-49fe-ada4-e2eccd961635

43 B
106 B

287ms
287ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=215445d3-723f-49fe-ada4-e2eccd961635
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f8bb8e0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=215445d3-723f-49fe-ada4-e2eccd961635
date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f7c9820e06-MXP
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEED
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873

43 B
95 B

279ms
278ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f88b340e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4a362c89-c69b-47d5-812a-c011110a4722
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=5144825251432877873
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEED
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6464052314
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6464052314
https://sync.1rx.io/usersync/tradedesk/8e1782ca-b848-417c-ad73-a00de8522d67
https://sync.targeting.unrulymedia.com/csync/RX-3c63a55e-01af-4095-8f3e-422e69994212-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c63a55e-01af-4095-8f3e-422e699...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003

43 B
95 B

151ms
150ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f98d0e0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c63a55e-01af-4095-8f3e-422e69994212-003
date: Tue, 02 Nov 2021 21:52:24 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX3c63a55e01af40958f3e422e69994212003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEED
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A

43 B
95 B

150ms
149ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f84a820e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-M_.U.AZE2uFHkmQJuod5kRwAMXedCJmxHbhGPY0-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEED
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a

43 B
95 B

281ms
281ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f89b390e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEED
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d

43 B
193 B

153ms
153ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f85aab0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4f681b0473f12007d534bb6d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 cs
cs.lkqd.net/ Frame FEED 43 B
308 B 253ms
92ms Image
image/gif 146.20.132.120
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.120 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame FEED 0
478 B 59ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FEED
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d35b0059-5249-4829-8009-5a42a0d432e8

43 B
95 B

148ms
147ms

Image
image/gif

2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d35b0059-5249-4829-8009-5a42a0d432e8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f81a1d0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=d35b0059-5249-4829-8009-5a42a0d432e8
date: Tue, 02 Nov 2021 21:52:24 GMT
content-length: 0

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame FEED 43 B
1 KB 12ms
10ms Image
image/gif 51.89.21.5
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.5 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p38.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:15 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D4E9 14 KB
5 KB 86ms
16ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=89050
expires: Wed, 03 Nov 2021 22:36:34 GMT
date: Tue, 02 Nov 2021 21:52:24 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 170D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

44ms
44ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94488e121b5b9478a9ee12e927721cb15c185370ff98f60e523016ddee4dfd2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|241|45|191|81|3|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1757
Expires: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame CE98 2 KB
823 B 3730ms
3724ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 2B47 43 B
551 B 63ms
14ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame B551 2 KB
823 B 3724ms
3717ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 1EF4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

32ms
32ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 480d5b028c764f430abceb5dc43f7bad59001a0bbaa4d71beb7b67846fbd42b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|241|230|90|46|51|57
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1618
Expires: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame B685 43 B
551 B 59ms
14ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 47A7 14 KB
5 KB 88ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=89050
expires: Wed, 03 Nov 2021 22:36:34 GMT
date: Tue, 02 Nov 2021 21:52:24 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame F006
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

33ms
32ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5e0780e3675a5f9313cb1f81de033f6a0d8d1b7b70f0f76825d899db6b6510a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|241|45|196|8|156|81
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1570
Expires: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame A910 43 B
555 B 54ms
14ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 654A 14 KB
5 KB 75ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=89050
expires: Wed, 03 Nov 2021 22:36:34 GMT
date: Tue, 02 Nov 2021 21:52:24 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame CE7D 2 KB
823 B 3712ms
3704ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame F747
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

1 KB
3 KB

34ms
34ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 033a611844f324323caf67b48848e90d87ea61a9577a72d51db985c96620fb0d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|241|45|230|5|51|8|130
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1477
Expires: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame B761 2 KB
823 B 3709ms
3701ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 62BB 43 B
555 B 44ms
15ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 583A 14 KB
5 KB 68ms
22ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=89050
expires: Wed, 03 Nov 2021 22:36:34 GMT
date: Tue, 02 Nov 2021 21:52:24 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 5108
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

32ms
32ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 36bcddc52d8e87544a4bbf8615f54388da33b1d0df839fe29b3f7af885357284

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|241|45|31|188|57|13
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1711
Expires: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Connection: keep-alive

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 71FC 14 KB
5 KB 64ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=89050
expires: Wed, 03 Nov 2021 22:36:34 GMT
date: Tue, 02 Nov 2021 21:52:24 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame FCF1 2 KB
823 B 3705ms
3701ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 01B6 43 B
551 B 40ms
14ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2

200

match
ads.betweendigital.com/ Frame 0877
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b3b0198e-6501-408d-b08a-a55ff055dce3
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=b3b0198e-6501-408d-b08a-a55ff055dce3
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=54c7b7f3-56da-40c6-9cf0-efe7264e8a85&user_group=1&ssp=between&bsw_param=b3b0198e-6501-408d-b08a-a55ff055dce3
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3

68 B
607 B

77ms
77ms

Image
image/png

88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3
Protocol: H2
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3
Date: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D4E9 0
42 B 80ms
19ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93159734&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
content-length: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1EF4 70 B
264 B 30ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1EF4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYGzGH0WI6VfETmpxXDmIAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENY5djT9SxUk-0M-0wcsZDs&google_cver=1&gdpr=1

43 B
1000 B

65ms
44ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENY5djT9SxUk-0M-0wcsZDs&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENY5djT9SxUk-0M-0wcsZDs&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1EF4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&dcc=t

43 B
645 B

113ms
113ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HDASDPRSPZCSADEZGAB9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 26GJQ3RVZ5K1NEW49AVF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 1EF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHcetweNtLp9-n28pUyY0PE&google_cver=1

43 B
315 B

26ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHcetweNtLp9-n28pUyY0PE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHcetweNtLp9-n28pUyY0PE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 1EF4
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
272 B

18ms
18ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Nov 2021 21:52:24 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Tue, 02 Nov 2021 21:52:24 GMT
x-content-type-options: nosniff
server: openresty
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 01 Nov 2021 21:52:24 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 1EF4 0
0 69ms
32ms Image
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 1EF4 43 B
220 B 9ms
7ms Image
image/gif 18.156.98.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.98.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-98-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1EF4
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329519424007597

43 B
1007 B

73ms
37ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329519424007597
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329519424007597
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 setuid
sync.quantumdex.io/ Frame 1EF4 43 B
95 B 173ms
167ms Image
image/gif 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f8fc000e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F006 70 B
264 B 30ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame F006
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYGzGH0WI6VfETmpxXDmIQAABHQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYGzGH0WI6VfETmpxXDmIQAABHQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJcDqfOvg64traUZd3jRrrE&google_cver=1

43 B
315 B

26ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJcDqfOvg64traUZd3jRrrE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJcDqfOvg64traUZd3jRrrE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F006
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIQAABHQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIQAABHQAAAAB&dcc=t

43 B
645 B

113ms
113ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIQAABHQAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VDW6FRKAFRAW6CRKRPRK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DQW91GWDV1196ADTD5GX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIQAABHQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F006
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYGzGH0WI6VfETmpxXDmIAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExllE-QwWxUuQKAbEe-vNw&google_cver=1&gdpr=1

43 B
1000 B

64ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExllE-QwWxUuQKAbEe-vNw&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExllE-QwWxUuQKAbEe-vNw&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F006
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

46ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

date: Tue, 02 Nov 2021 21:52:24 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F006
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eb1525da-ce4b-4f05-bb20-917f6edff842&expiration=1667425944

43 B
1 KB

25ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eb1525da-ce4b-4f05-bb20-917f6edff842&expiration=1667425944
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eb1525da-ce4b-4f05-bb20-917f6edff842&expiration=1667425944
date: Tue, 02 Nov 2021 21:52:24 GMT
server: Kestrel
content-length: 0

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame F006 35 B
380 B 411ms
108ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Tue, 02 Nov 2021 21:51:46 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F006
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=LjL7vXow8rQ1NPS-fGHu7Swz9b01M_DqLWfEA1i2

43 B
1013 B

67ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=LjL7vXow8rQ1NPS-fGHu7Swz9b01M_DqLWfEA1i2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=LjL7vXow8rQ1NPS-fGHu7Swz9b01M_DqLWfEA1i2
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame F006 43 B
95 B 287ms
279ms Image
image/gif 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YYGzGH0WI6VfETmpxXDmIQAABHQAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f8fc100e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 5108 70 B
264 B 31ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 5108
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYGzGAGhWkIV76meDNGawwAABG0AAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYGzGAGhWkIV76meDNGawwAABG0AAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHy7tXV_lT_M7G9XwutFroE&google_cver=1

43 B
315 B

24ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHy7tXV_lT_M7G9XwutFroE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHy7tXV_lT_M7G9XwutFroE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5108
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGawwAABG0AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGawwAABG0AAAAB&dcc=t

43 B
645 B

107ms
107ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGawwAABG0AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 3DZSRENABJGNQM47J4S4
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2S7HVTHGWJRWQ9EFET0K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGawwAABG0AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5108
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYGzGH0WI6VfETmpxXDmIAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBH0YBgm4VkT0CrOH5b42PM&google_cver=1&gdpr=1

43 B
1000 B

68ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBH0YBgm4VkT0CrOH5b42PM&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEBH0YBgm4VkT0CrOH5b42PM&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 5108
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6891763441790670284&uid=Q6891763441790670284&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

18ms
18ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 5108 0
88 B 416ms
107ms Image
text/plain 52.3.173.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.173.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-173-52.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5108
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196420304977629

43 B
1007 B

66ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196420304977629
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5123196420304977629
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET indexexchange
sync.adotmob.com/cookie/ Frame 5108 0
0

GET
H2 200 setuid
sync.quantumdex.io/ Frame 5108 43 B
95 B 166ms
156ms Image
image/gif 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YYGzGAGhWkIV76meDNGawwAABG0AAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f8fc1d0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F747 70 B
264 B 31ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F747
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGaxAAABFgAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGaxAAABFgAAAIB&dcc=t

43 B
645 B

113ms
113ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGaxAAABFgAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2CT7BJ8C15H0XAE3ZJPG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 06KVTHBMTT8Y837KB02X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGAGhWkIV76meDNGaxAAABFgAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F747
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYGzGH0WI6VfETmpxXDmIAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENUN-zkS_eL_KL_vNyTKWCI&google_cver=1&gdpr=1

43 B
1000 B

64ms
41ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENUN-zkS_eL_KL_vNyTKWCI&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENUN-zkS_eL_KL_vNyTKWCI&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame F747
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYGzGAGhWkIV76meDNGaxAAABFgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYGzGAGhWkIV76meDNGaxAAABFgAAAIB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMjUZ4hGCjtM38iqIjxO4fw&google_cver=1

43 B
315 B

32ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMjUZ4hGCjtM38iqIjxO4fw&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEMjUZ4hGCjtM38iqIjxO4fw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame F747 0
0 140ms
80ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame F747 43 B
220 B 13ms
7ms Image
image/gif 18.156.98.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.98.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-98-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F747
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5e8a6c59-88ae-442b-b04a-fda42cd41901&expiration=1667425944

43 B
1 KB

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5e8a6c59-88ae-442b-b04a-fda42cd41901&expiration=1667425944
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=5e8a6c59-88ae-442b-b04a-fda42cd41901&expiration=1667425944
date: Tue, 02 Nov 2021 21:52:24 GMT
server: Kestrel
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F747
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGep07DA2YAADfHDtoCIw&expiration=1637099544&gdpr=1

43 B
1 KB

29ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGep07DA2YAADfHDtoCIw&expiration=1637099544&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGep07DA2YAADfHDtoCIw&expiration=1637099544&gdpr=1
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 setuid
sync.quantumdex.io/ Frame F747 43 B
95 B 159ms
150ms Image
image/gif 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YYGzGAGhWkIV76meDNGaxAAABFgAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f8fc1f0e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 170D 70 B
264 B 31ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 170D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELsl3wwjCT12mzuiJw0M9wQ&google_cver=1

43 B
315 B

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELsl3wwjCT12mzuiJw0M9wQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELsl3wwjCT12mzuiJw0M9wQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 170D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&dcc=t

43 B
645 B

106ms
106ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: GAVE2YE17202E60VJPQ2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SS20QV676SHS7TR74332
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 170D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YYGzGH0WI6VfETmpxXDmIAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExllE-QwWxUuQKAbEe-vNw&google_cver=1&gdpr=1

43 B
1 KB

43ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExllE-QwWxUuQKAbEe-vNw&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEExllE-QwWxUuQKAbEe-vNw&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame 170D 43 B
253 B 4474ms
4442ms Image
image/gif 35.241.40.233

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 -, , ASN (),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:28 GMT
via: 1.1 google
last-modified: Tue, 02 Nov 2021 21:52:28 GMT
server: nginx/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Tue, 02 Nov 2021 21:52:29 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 170D
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=-HyROqx-mDPjep46-n2Eb_p5yDjjLp1uq32LAl-B

43 B
1013 B

68ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=-HyROqx-mDPjep46-n2Eb_p5yDjjLp1uq32LAl-B
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=-HyROqx-mDPjep46-n2Eb_p5yDjjLp1uq32LAl-B
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 170D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=37cd6181-b315-4a01-9dc4-5b657bf75408&gdpr=1&gdpr_consent=

43 B
1009 B

80ms
47ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=37cd6181-b315-4a01-9dc4-5b657bf75408&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 02 Nov 2021 21:52:24 GMT

Redirect headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x3 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=37cd6181-b315-4a01-9dc4-5b657bf75408&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 02 Nov 2021 21:52:23 GMT

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 170D
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6891763441104115118&uid=Q6891763441104115118&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

19ms
18ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Tue, 02 Nov 2021 21:52:24 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 setuid
sync.quantumdex.io/ Frame 170D 43 B
95 B 159ms
149ms Image
image/gif 2606:4700:10::6816:397e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YYGzGH0WI6VfETmpxXDmIAAABGsAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:52:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a8096f90c340e06-MXP
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2

200

match
ads.betweendigital.com/ Frame 3742
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&ssp=between&expires=30&user_group=1
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3

68 B
607 B

65ms
65ms

Image
image/png

88.212.252.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3
Protocol: H2
Server: 88.212.252.2 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3
Date: Tue, 02 Nov 2021 21:52:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame 3742
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=29b7e7cc-3c27-11ec-a6e9-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=29b7e7cc-3c27-11ec-a6e9-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=sQpS2PVExjmTQuae6WvEaQ&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata&google_gid=CAESECKJRW5xbSWrR8u78hOf-E8&google_cver=1

43 B
516 B

106ms
19ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata&google_gid=CAESECKJRW5xbSWrR8u78hOf-E8&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:25 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata&google_gid=CAESECKJRW5xbSWrR8u78hOf-E8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame 0877
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=29b7e7cc-3c27-11ec-a6e9-002590c82437
https://sync.bumlam.com/?src=aid1&uid=sQpS2PVExjmTQuae6WvEaQ&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata&google_gid=CAESECKJRW5xbSWrR8u78hOf-E8&google_cver=1

43 B
516 B

65ms
9ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata&google_gid=CAESECKJRW5xbSWrR8u78hOf-E8&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:25 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=sQpS2PVExjmTQuae6WvEaQ&extra2=aidata&google_gid=CAESECKJRW5xbSWrR8u78hOf-E8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DADA
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

13ms
13ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&CACHEBUSTER=539532
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 02 Nov 2021 21:52:25 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Tue, 02 Nov 2021 21:52:25 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 602B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

18ms
11ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&CACHEBUSTER=556578
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 02 Nov 2021 21:52:25 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Tue, 02 Nov 2021 21:52:25 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DADA 31 KB
10 KB 11ms
10ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 934ae5d93b0fa3d644fb2582defb5eef59982cc5c72dc338d58656c2e44de14b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 17:32:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73949
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9395
Expires: Wed, 03 Nov 2021 18:24:54 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 602B 31 KB
10 KB 11ms
11ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b92caf56c6dba58cabc09aa3dabdb0fdef9307bedd6069742588f5a624c70791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 21:52:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 17:32:20 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73900
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9395
Expires: Wed, 03 Nov 2021 18:24:05 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame DADA 284 B
536 B 15ms
15ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 602B 284 B
536 B 20ms
9ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/jpg

GET
H2

200

539532
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 3742
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/539532
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/539532

43 B
297 B

57ms
57ms

Image
image/gif

2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/539532
Protocol: H2
Server: 2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software: ms-counter-3.2.14/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.14/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:25 GMT
server: ms-counter-3.2.14/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/539532
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

556578
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 0877
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/556578
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/556578

43 B
297 B

57ms
57ms

Image
image/gif

2001:6d0:4001::226

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/556578
Protocol: H2
Server: 2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software: ms-counter-3.2.14/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.14/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:25 GMT
server: ms-counter-3.2.14/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/556578
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6418 0
731 B 17ms
17ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:25 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2fc22243-5272-49c7-9dd6-d869abf7c5ed
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3972 0
731 B 17ms
17ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:25 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0108e00c-88b4-4d5d-a226-d886a88c3ac6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C071 0
731 B 51ms
51ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:25 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0f651d1c-8405-4b82-b064-ef02fdd27df5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0CAB 0
731 B 18ms
18ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:25 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bb97aa42-747e-4618-bfcc-e048ed9a8d28
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 064B 0
731 B 62ms
62ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:25 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6c56cb01-f059-4a58-b0eb-0ccff629a596
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 3742
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&expires=60
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3

43 B
446 B

15ms
15ms

Image
image/gif

3.66.41.54

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3
Protocol: H2
Server: 3.66.41.54 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Nov 2021 21:52:25 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=b3b0198e-6501-408d-b08a-a55ff055dce3
date: Tue, 02 Nov 2021 21:52:25 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

bswsync
crb.kargo.com/api/v1/ Frame 0877
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&expires=60
https://crb.kargo.com/api/v1/bswsync?bsw_uuid=b3b0198e-6501-408d-b08a-a55ff055dce3&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=

43 B
360 B

56ms
17ms

Image
image/gif

3.127.62.220

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/bswsync?bsw_uuid=b3b0198e-6501-408d-b08a-a55ff055dce3&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 3.127.62.220 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Nov 2021 21:52:25 GMT
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Krk-Reject-Reason: consent
Content-Length: 43
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: //crb.kargo.com/api/v1/bswsync?bsw_uuid=b3b0198e-6501-408d-b08a-a55ff055dce3&dsp_uuid=&dsp_id=&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
Date: Tue, 02 Nov 2021 21:52:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E420 2 KB
823 B 3480ms
3480ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&CACHEBUSTER=556578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame DE5C 2 KB
823 B 3448ms
3448ms Document
text/html 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&CACHEBUSTER=539532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

POST
H2 200 /
track.adform.net/serving/unload/ Frame E739 35 B
478 B 23ms
22ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=102534494300021785@@50457257,2180956389242426510,100|4700|0|0|0|0|0|0|0||184|1|||||1|0|0|UDIayQXHERZcPlakbYq96RZf4KTsCaLNsosmjXY3fzQ-6N9HS3kS4Im3nyX34Xgm0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal900016.redintelligence.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hal900016.redintelligence.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2

200

6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1
an.yandex.ru/mapuid/betweendigitalis/ Frame 3742
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1
https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1
https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1?redir-setuniq=1

43 B
80 B

60ms
60ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1?redir-setuniq=1

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:29 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:52:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 02 Nov 2021 21:52:29 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:29 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:52:29 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 02 Nov 2021 21:52:29 GMT

GET
H2

200

6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1
an.yandex.ru/mapuid/betweendigitalis/ Frame 0877
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1
https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1
https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1?redir-setuniq=1

43 B
108 B

64ms
64ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1?redir-setuniq=1

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:29 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:52:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 02 Nov 2021 21:52:29 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:29 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:52:29 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/betweendigitalis/6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 02 Nov 2021 21:52:29 GMT

GET
H2 200 sync
t.adx.opera.com/ Frame 0877 0
409 B 68ms
24ms Image
text/plain 82.145.213.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:29 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
t.adx.opera.com/ Frame 3742 0
409 B 50ms
22ms Image
text/plain 82.145.213.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1&CACHEBUSTER=539532
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Nov 2021 21:52:29 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: onetag-sys.com
URL: https://onetag-sys.com/prebid-request

Domain: onetag-sys.com
URL: https://onetag-sys.com/prebid-request

Domain: onetag-sys.com
URL: https://onetag-sys.com/prebid-request

Domain: rtb.adpone.com
URL: https://rtb.adpone.com/bid-request?pid=121725125956429&gdpr_applies=false&consentString=undefined

Domain: onetag-sys.com
URL: https://onetag-sys.com/prebid-request

Domain: onetag-sys.com
URL: https://onetag-sys.com/prebid-request

Domain: links.services.disqus.com
URL: https://links.services.disqus.com/api/ping

Domain: sync.adotmob.com
URL: https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

93 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thetruedefender.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 14f00a3bf46458cf2c56b9c5d474c5ec
.thetruedefender.com/	1970-01-20 15:56:01	Name: _ga Value: GA1.2.1031479285.1635889940
.thetruedefender.com/	1970-01-19 22:26:16	Name: _gid Value: GA1.2.1998227999.1635889940
.thetruedefender.com/	1970-01-19 22:24:49	Name: _gat_gtag_UA_186892928_1 Value: 1
thetruedefender.com/	1970-01-19 23:08:01	Name: _pbjs_userid_consent_data Value: 6683316680106290
.smartadserver.com/	1970-01-20 07:53:37	Name: pbw Value: %24b%3d16950%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 402008=4648192
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 07:53:37	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-19 22:26:16	Name: sasd Value: %24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0
.betweendigital.com/	1970-01-20 07:10:25	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 07:10:25	Name: ss Value: 1
.betweendigital.com/	1970-01-20 07:10:25	Name: unm Value: 1
.smartadserver.com/	1970-01-19 22:26:16	Name: sasd2 Value: q=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=1881784456&lo=-721590141&lt=637714903401776546&o=1
.betweendigital.com/	1970-01-20 07:10:25	Name: tuuid Value: 6f2cfef0-8f9f-5133-826a-54e5e3ebe7f1
.a-mo.net/	1970-01-20 07:10:25	Name: amuid2 Value: 9ab74ca4-f985-498f-8672-7a280b8f9c6a
.quantumdex.io/	1970-01-19 22:53:41	Name: uid Value: 5fa2e97e-1f80-4540-bf28-c49c2159d9e7
xn--r1a.website/	1970-01-19 22:26:16	Name: stel_ssid Value: e6b4820621b3e1ffe4_3374479780132697596
.adnxs.com/	1970-01-20 00:34:25	Name: icu Value: ChgIztV3EAoYASABKAEwleaGjAY4AUABSAEQleaGjAYYAA..
.adnxs.com/	1970-01-20 00:34:25	Name: uuid2 Value: 5144825251432877873
.smartadserver.com/	1970-01-20 07:53:37	Name: pid Value: 3809574324659257350
.smartadserver.com/	1970-01-20 07:53:37	Name: pdomid Value: 5
prebid.a-mo.net/	1970-01-20 07:10:25	Name: __amc Value: 2_1635889940_1635889941
.criteo.com/	1970-01-20 07:46:25	Name: uid Value: cf40501b-bda5-419d-aa55-d5c5593146ff
.smartadserver.com/	1970-01-19 23:08:01	Name: Trk0 Value: Value=1366485&Creation=02%2f11%2f2021+22%3a52%3a21
.mathtag.com/	1970-01-20 07:10:25	Name: uuid Value: 37cd6181-b315-4a01-9dc4-5b657bf75408
.thetruedefender.com/	1970-01-20 07:46:25	Name: cto_bundle Value: SpaPSF9BUVJCWnBjOEU0em1IcDJ1byUyQk1WUWFEdlY4VFdFb3d3cHRCNDZTTHFmVEpXd0RtRFI4RFZEWGpYYkppSWJ1WWVZQ2dMd0RUUGozNWZiVFdJNDNlRE11OU56Q0FOUG9WOW9TMGZNa1NyJTJCMTVBcjBJZkVqY3RNVnhENzNIWjBVWjJiRVpxZVN0cCUyRlJNYTBDZXhOd2drRHpVeGpEMXJQelYyOUY2MUxDM0JpbWMlM0Q
.redintelligence.net/	1970-01-20 00:34:25	Name: 8lcfmzhxc8d6_uid Value: 42d47c970d8c252c
.adform.net/	1970-01-19 23:08:01	Name: C Value: 1
.adform.net/	1970-01-19 23:51:13	Name: uid Value: 102534494300021785
.adform.net/	1970-01-19 22:34:54	Name: TPC Value: 1635889941928
.bidswitch.net/	1970-01-20 07:10:25	Name: tuuid Value: b3b0198e-6501-408d-b08a-a55ff055dce3
.bidswitch.net/	1970-01-20 07:10:25	Name: c Value: 1635889944
.bidswitch.net/	1970-01-20 07:10:25	Name: tuuid_lu Value: 1635889944
thetruedefender.com/	1970-01-20 07:46:25	Name: cto_bundle Value: 7c82Al9QenkxJTJGdnIwVVN5cloybzlvQ0FIeVFaalJWdExqRkNIeEpSa2RLWDNrUDhQeFVxTTFtVUtYSEhXY0wlMkJlb2U4dyUyRiUyQm5ON1pqbUtJQVN2TzlGcXAzWll1a0VZQkswYXpPMFNVaktPYWJkZHM5T2VwRkQwQkwlMkZCTW1IckJxV29jZTklMkJvUjlVdUZHYk13bkpMaEpjJTJCT0lEMnBKRmJmUm1MQW1EaWlXQXE5aWhJNCUzRA
thetruedefender.com/	1970-01-20 07:46:25	Name: cto_bidid Value: fTMsJV8xZW1NamFRa3lCY0luc1hpQmlGMHZlYnAwYllGTUo3R1NYWXRHTnlnWmNuNWJySnFodVhDTVA4M0lSdklTS2s1RWw2dHpENVJWJTJCbjNzWW5tUW5IYWx4a1RkdXhWNXc5TXgzZW52MWloVEF2TjZaSUhGbEMlMkZTeFFBN1JHNGFFbGk
.lijit.com/	1970-01-20 07:10:25	Name: ljt_reader Value: 4f681b0473f12007d534bb6d
.adhigh.net/	1970-01-20 07:10:25	Name: gi_u Value: 8eZzOFdEKI4.AikABlF84qOWug
.adsniper.ru/	1970-01-27 05:36:49	Name: uuid3 Value: IiQyOWI3ZTdjYy0zYzI3LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.id5-sync.com/	1970-01-19 22:24:50	Name: cf Value:
.id5-sync.com/	1970-01-19 22:24:50	Name: cip Value:
.id5-sync.com/	1970-01-19 22:24:50	Name: cnac Value:
.id5-sync.com/	1970-01-19 22:24:50	Name: car Value:
.id5-sync.com/	1970-01-19 22:24:50	Name: gdpr Value:
.sharethrough.com/	1970-01-20 07:10:25	Name: stx_user_id Value: d35b0059-5249-4829-8009-5a42a0d432e8
.advertising.com/	1970-01-20 07:11:52	Name: APID Value: UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
.id5-sync.com/	1970-01-19 22:24:50	Name: callback Value:
.yahoo.com/	1970-01-20 07:10:47	Name: A3 Value: d=AQABBBizgWECEJXWNwTjGKu-Ju9Wn_kYr88FEgEBAQEEg2GLYQAAAAAA_eMAAA&S=AQAAAnzWpFB9KkMf5OTcpLC4cyk
.bumlam.com/	1970-01-27 05:36:49	Name: suuid3 Value: IiQyOWI3ZTdjYy0zYzI3LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.adhigh.net/	1970-01-20 07:10:25	Name: btw_sync Value: IY2
.adhigh.net/	1970-01-20 07:10:25	Name: bsw_sync Value: IY2
.casalemedia.com/	1970-01-20 00:34:25	Name: CMPS Value: 5221
.id5-sync.com/	1970-01-20 00:34:25	Name: id5 Value: c6860941-3860-41ba-bd63-fedf9622a8bd#1635889936565#2
.id5-sync.com/	1970-01-20 00:34:25	Name: 3pi Value:
.creative-serving.com/	1970-01-20 07:46:25	Name: tuuid Value: c2f1760c-f2fd-48c2-aaba-8eac511ce7ce
.creative-serving.com/	1970-01-20 07:46:25	Name: c Value: 1635889944
.creative-serving.com/	1970-01-20 07:46:25	Name: tuuid_lu Value: 1635889944
.analytics.yahoo.com/	1970-01-20 07:11:52	Name: IDSYNC Value: "192w~21b9:192x~21b9"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP29ba9eb6-3c27-11ec-9925-02b6d90ce87a
.yahoo.com/	1970-01-19 22:26:16	Name: APIDTS Value: 1635889944
.casalemedia.com/	1970-01-19 22:26:16	Name: CMST Value: YYGzGGGBsxgA
.casalemedia.com/	1970-01-20 07:10:25	Name: CMID Value: YYGzGH0WI6VfETmpxXDmIAAA
.casalemedia.com/	1970-01-20 00:34:25	Name: CMPRO Value: 1131
.ads.pubmatic.com/	1970-01-19 22:26:16	Name: KCCH Value: YES
.adsrvr.org/	1970-01-20 07:10:25	Name: TDID Value: 93fd85dc-2c35-4966-93ea-5d3eceb7b5bf
.adsrvr.org/	1970-01-20 07:10:25	Name: TDCPM Value: CAEYBSABKAIyCwia9NqQuZWPOhAFOAE.
.1rx.io/	1970-01-20 07:10:25	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3c63a55e-01af-4095-8f3e-422e69994212-003%22%7D
.quantserve.com/	1970-01-20 00:34:25	Name: d Value: EA8BDQHQJLjvsQA
.quantserve.com/	1970-01-20 07:55:04	Name: mc Value: 6181b318-772db-a4061-03f5d
.simpli.fi/	1970-01-20 07:11:52	Name: suid Value: 422CBF86B60B4F7D953430FCB63F942B
.rfihub.com/	1970-01-20 07:46:25	Name: eud Value: H4sIAAAAAAAAAPvFyGtoZmxqYWFpaWJiamQMAEI4nA0QAAAA
.rfihub.com/	1970-01-20 07:46:25	Name: rud Value: H4sIAAAAAAAAAOMSNjU0NjY2sjQ1tDQxMjEwMDe1NBfiM9R1zM4vcKoqMzQ1DDCU4jU0Mza1sLC0NDExNTIGAIgJEf40AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0NjY2sjQ1tDQxMjEwMDe1NBfiM9R1zM4vcKoqMzQ1DDAEAJNKv9slAAAA
.doubleclick.net/	1970-01-20 07:46:25	Name: IDE Value: AHWqTUkKgVBnEQTrxse85ah2vUq-03Lustz5Gf-9fWhAn8lEJ02hkLGMkElhqCiDZFc
.targeting.unrulymedia.com/	1970-01-20 07:10:25	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3c63a55e-01af-4095-8f3e-422e69994212-003%22%7D
.owneriq.net/	1970-01-19 22:39:13	Name: p2 Value: cc
.owneriq.net/	1970-01-20 15:56:01	Name: si Value: Q6891763441790670284
ms.quantumdex.io/	1970-01-23 14:00:49	Name: qdsp_uid Value: 10fb9827-5f20-41d7-89f8-e79dcddf43f2
.bidr.io/	1970-01-20 07:53:23	Name: bito Value: AAGep07DA2YAADfHDtoCIw
.bidr.io/	1970-01-20 07:53:23	Name: bitoIsSecure Value: ok
pool.admedo.com/	1970-01-20 07:10:25	Name: tuuid Value: 54c7b7f3-56da-40c6-9cf0-efe7264e8a85
pool.admedo.com/	1970-01-20 07:10:25	Name: c Value: 1635889944
pool.admedo.com/	1970-01-20 07:10:25	Name: tuuid_lu Value: 1635889944
beacon.lynx.cognitivlabs.com/	1970-01-20 07:10:25	Name: UID Value: 5e8a6c59-88ae-442b-b04a-fda42cd41901
beacon.lynx.cognitivlabs.com/	1970-01-20 07:10:25	Name: ss Value: KO16e36c%2BU3uwHtumHF4TiG%2Bl6bBXynpWnKyV9dqNh0icMN6c7PZbknABVx5mHCGBGmnWVTWcvGilxrsFNC0jQ%3D%3D
.casalemedia.com/	1970-01-20 07:10:25	Name: CMRUM3 Value: 826181b3182760AAGep07DA2YAADfHDtoCIw&2d6181b3182760CAESEExllE-QwWxUuQKAbEe-vNw&276181b3180b40&516181b31805a0&e66181b3182760&036181b318276037cd6181-b315-4a01-9dc4-5b657bf75408&f16181b31805a0&1f6181b31805a00&bf6181b31805a0&086181b31827605e8a6c59-88ae-442b-b04a-fda42cd41901
.aidata.io/	1970-01-20 15:56:01	Name: __upin Value: sQpS2PVExjmTQuae6WvEaQ
.aidata.io/	1970-01-20 15:56:01	Name: __upints Value: 1635889944
.betweendigital.com/	1970-01-20 07:10:25	Name: ut Value: YYGzGAAM5Mip0btjH7b-SBK3q5ybDnT3mfqr2w==
x01.aidata.io/	1970-01-19 22:24:49	Name: adsnpr Value: 1
.sniperlog.ru/	1970-01-20 15:56:01	Name: guid Value: 681224BD1E960D7B
.adfarm1.adition.com/	1970-01-20 00:34:25	Name: UserID1 Value: 7026093813632268437
.smartadserver.com/	1970-01-20 07:53:37	Name: csync Value: 49:7026093813632268437\|79:cf40501b-bda5-419d-aa55-d5c5593146ff

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://thetruedefender.com/thousand-reports-confirmed-the-abnormal-tumor-development-after-taking-the-covid-shots/ Message: Access to XMLHttpRequest at 'https://links.services.disqus.com/api/ping' from origin 'https://thetruedefender.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://links.services.disqus.com/api/ping Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
acdn.adnxs.com
ad.360yield.com
ad4m.at
ads.betweendigital.com
ads.creative-serving.com
ads.pubmatic.com
an.yandex.ru
ap.lijit.com
apps.sascdn.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bidder.criteo.com
bttrack.com
c.disquscdn.com
c0.wp.com
cache.betweendigital.com
cdn.connectad.io
cdn.contentspread.net
cdn.jsdelivr.net
cdn.viglink.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cdn4.telesco.pe
ced-ns.sascdn.com
clientcdn.pushengage.com
cm.g.doubleclick.net
cmp.optad360.io
cookie-matching.mediarithmics.com
crb.kargo.com
cs.lkqd.net
dis.criteo.com
disqus.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
gu.dyntrk.com
gum.criteo.com
hal9000.redintelligence.net
hal900016.redintelligence.net
i.connectad.io
i0.wp.com
i2.wp.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
itx4.smartadserver.com
links.services.disqus.com
lockerdome.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
ms.quantumdex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.wp.com
pool.admedo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg.smartadserver.com
px.adhigh.net
px.owneriq.net
referrer.disqus.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adpone.com
s.amazon-adsystem.com
s1.adform.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
ssp.wp.pl
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
std.wpcdn.pl
sync-eu.connectad.io
sync.1rx.io
sync.adotmob.com
sync.bumlam.com
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.targeting.unrulymedia.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
tags.mathtag.com
thetruedefender-com.disqus.com
thetruedefender.com
tlgr.org
token.rubiconproject.com
track.adform.net
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
users.api.jeeng.com
www.google-analytics.com
www.googletagmanager.com
www.tns-counter.ru
www8.smartadserver.com
x.bidswitch.net
x01.aidata.io
xn--r1a.website
links.services.disqus.com
onetag-sys.com
rtb.adpone.com
sync.adotmob.com
104.109.78.125
104.111.242.53
104.154.142.214
13.35.253.117
135.125.160.77
138.201.220.30
138.201.63.164
142.250.185.194
146.20.132.120
147.75.38.124
149.154.165.133
151.101.192.134
151.236.71.82
159.253.128.188
164.132.158.126
172.217.18.98
178.162.133.149
178.250.2.131
178.250.2.146
178.250.2.151
18.156.98.241
18.184.122.71
18.197.47.23
185.184.8.65
185.29.132.241
185.29.134.249
185.33.221.50
185.33.221.87
185.64.190.78
185.86.137.17
185.86.139.115
185.86.139.59
192.0.76.3
192.0.77.2
192.0.77.37
192.132.33.46
193.0.160.129
193.232.148.143
199.232.192.134
199.232.196.134
199.232.198.49
2.16.186.104
2.18.232.130
2.18.233.180
2.18.233.201
2.18.234.21
2.19.35.65
2001:6d0:4001::226
212.77.98.32
212.77.99.29
213.19.147.45
216.52.2.39
2600:9000:2057:2400:b:6268:b880:93a1
2600:9000:2057:ee00:6:8656:f5c0:93a1
2600:9000:206f:a000:a:cbb7:a940:93a1
2600:9000:206f:a600:6:b871:4f00:93a1
2600:9000:206f:ec00:11:a4de:2580:93a1
2606:4700:10::6816:36ce
2606:4700:10::6816:38ae
2606:4700:10::6816:397e
2606:4700:20::681a:8a9
2606:4700:20::ac43:4551
2606:4700:20::ac43:49e4
2606:4700:20::ac43:4a81
2606:4700::6810:5814
2606:4700::6810:a00d
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:809::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9a
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00::210:ba0b
2a02:6b8::90
2a04:fa87:fffe::c000:4902
3.120.83.159
3.126.56.137
3.127.62.220
3.209.222.165
3.66.41.54
31.172.81.158
31.172.81.172
35.210.53.219
35.241.40.233
35.71.131.137
37.157.3.30
37.157.5.73
50.31.142.95
51.75.86.98
51.89.21.5
52.212.206.16
52.3.173.52
52.46.130.91
69.173.144.138
82.145.213.8
85.114.131.233
85.114.159.118
88.212.252.2
89.108.119.43
95.216.186.40
015964ab01e4bd0a7384e8ac665f75be9388c6810a696c443051a6395d7c36fd
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
033a611844f324323caf67b48848e90d87ea61a9577a72d51db985c96620fb0d
0527ce5b5792f6d9b63ea01a0ceab6ba6603c441f35be4fbba6823f88ace6f75
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e
071f953e4deef698c9a6c8540e2c4b311932137e5f5b2d3a219503c03f67d233
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09255fc220032ea7ecb474d0b0b6daffccade6134caae15332892691465788f8
0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f661b180cb5ec06a2458d8be5c013a37abe06a0d446945709010132ca813d15
114cec4e4207abfdc3fc0fb6505d2ce91d37b2da7d728313d145e2713d2112c5
135204107165e54331e24daab6240378ec324d61d93457685ac665efd401ea08
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
166947202db131a556e24bba1116e1a2c11532a1db3487b3b0984388bff9bc14
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
2112007d6e205ff60a7967796907853e3129f1f7cb6eab9f6b023da7ec1e9534
211a8253beb9326658353bdc98946d139c1a9f5c50a3da0dca69738c7855182d
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23695860a414cbbe4eb223a9ef31f944a10eb43953b59b5eca3e069ebf3db31c
257aa0fe09b3bf4b6c1869211fdbd95f9e56d739dabb3be9808764270a00e410
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
260ef93bb89130614a4d3ff6448bac862f17fdafcb435e1c0973ab8aaa711356
2892a779cee25c3a681f6c8d4c779f0e8632741aec6485a87da48000d84b96c5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2f86b3f504c6dee16b7afdb28a4af802c0ea8fc39fb67dc3180dcd9fabe9f0c6
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
3024802e662d69d407cfe352d09bc3ca34925d63f7b8eec4058cbcc392253328
3149deb1b9b8bae2a4c322f8342d3fcbfae583459d5554eec43ed1c06e010d11
323f9384b04de16655cc1378fd2655ff02e512ff2c2536d5ab8e0d7ac9a1037c
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f
36bcddc52d8e87544a4bbf8615f54388da33b1d0df839fe29b3f7af885357284
36d290f9d96e9e54061a31c2a9efc26e0fbab8ed60861393f9554cd509003a4c
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b6dabc25c6f2284c68ffa1a0a016d6d8eac85d2244675ee2c94d910255b010e
3ba2c590c10398cdd1488c24d30220c44e4faa04eeaa2d874a14da5d550b7b18
3d52d83e861aa3a1407b96ecc89c8175eb866405606c1d4f3372d5f42f585b4b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e32dd5f51c877408019caff9857888020ce7779f99bda59d10d113f7604c0b4
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
480d5b028c764f430abceb5dc43f7bad59001a0bbaa4d71beb7b67846fbd42b5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527
4f41cc4fab403de9d228f97f48da9d1985a2a00307ec22f09cd7f7b1e98470c4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb7da1e767138bdd223778786f7b3a48072fd689f029940600fcc5678efcbe2
50b8c8186c42f2c359478833bd354794e1025cfe16665c6348d7a9256b5280c2
50c80b7f0573b4a9b5ed8b5444d74e55e8c6aa575f098a911ddf03a6b490154d
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
5269b569fa0528a8a3b2ab46ab09447408391e7287f03c6a8523fcbf7239f3b8
5332ecf2132e7019c78a8149053b05458f0869c73ae8a3e2f18dd1121d0b386a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5694190f33aafaf67bee0056ee8532facda90c590ad0cc5c980a06c69f3a035d
5ba4f5a677d6ea902838fd0129ecf4bf43b6b9f81b266b250e932ae49f1d9564
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d674ccfc99275643e24088b4c1ed8930f67c24ee5481fcab84efde40879ca67
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5e0780e3675a5f9313cb1f81de033f6a0d8d1b7b70f0f76825d899db6b6510a8
5e95edacefbf5579eb92a9299cae71cee87410fd4681b7108f1cddb5964074f0
5f2f18aec7345dd5c5af496b485f07156f039b3fbd091e52418ee993885175ff
5f48401d810df54d8c06bd7a85a69b65e5403bab8dcb8d7e919f3d31247e5460
60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901
60c6565dc4af986490c60907f5c62642b3435afee9b6ee2af562becfe62f32aa
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61
632b66c5318d24aeb3304d1de2b6530ecbaa80d11e6d8654e04ed73dd6283e57
6577a7f099bb2427321e33527186d259d4b6e248497fdc97a6600d51d6a8484a
668dee0c0f533e0709f09953340469952e5368b86628622f6b19f7f6bf03bda3
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5c8e0b5e2e8acb7cec79788140b4c7b27268b6fe17a5587c51add17fa67eaf
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382
6f7760e57750d49f911bf96dc7bb3e3d09a706b0bbbf1d84828fa9e18de96e06
6f9a673b1873e1e9a5a0d36241a93bdcb1ad11375d26c93fa0fcd65ed2ed45e6
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
71525986010b69cd30e5a0e238de2e04e942b4c1765725116cd107150fe9bbc5
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
7465754e4a333d4ee5b0bd64ee1214d9629ea0fe3622c96b597ae017c9da2293
7723cbd4284fa4de9d098c53e0b0710e67f186370322d984913375c8aa45e4cc
7af53d7077c16f6ad9efd63a975749c4835ce6e495c337fa4176f15ed385f80b
7c3486c8d6b8a89a785cd2bd20bd64487a6518900720d85999ecefffc246c076
7c5ad9508977fa9a8685857181c93948a27aa92116e4801d95f3238c82075bd4
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
7df1f509c76a628ef5d5ad7786b00a73603a4fdb7cdb104d4ec2e69a59e89275
7ed7991567af566628cbb8a721f6a4eac1d43220eba83867a6b4360b0cb490f1
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
7fb0d6eef52ad36c85847fc0b0a93bd0748190aa0b58b1e7ddf95b8f106f1dea
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
831d25b7dd675bc9bd915177eefeb353bac5b1af2240669c603cf7f28967da43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841fc3b8f3bfa44fe3cde19cb624fa583e340a2674d1c665be8550aa673ed98c
8727353028ec84a1d143d12d2e7f3db41228182be2abf4e03b27b642125a67c9
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a3444042157f7809f0fab7cad136bf9b3a383c2d2b3b3b87311e55c85ee0837
8d00f836b8651b83404dbf59e5a0a8bdfccde3654beb779a8d388495379a3395
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91b66b071069f848a73997d924408d7f88dcebaeb3921a472cd388b0c9036a30
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93322181e26ce5f07c801f8bdd8bc3c21dd91f756be0992e50ffe476d415cc95
934ae5d93b0fa3d644fb2582defb5eef59982cc5c72dc338d58656c2e44de14b
93d20b25f386b7f7bc5fd17cb10ee67dcc084284d4a845ee3131356503490388
93f93bb11d7fad6a56886d7f4c335e43c924d046744b285ce6a04f16030f63fb
94488e121b5b9478a9ee12e927721cb15c185370ff98f60e523016ddee4dfd2c
94b0dd7a061f80bc838b0095bff0280e06b1eef839dc2d5fcd1b0b91c20d5386
94e8d8f83302bda3ed4be6f5137a76a8f5643327be490f4ac1598a54231d146c
94fe45377e314459bbf1b01708c6d27fd0f5045a586976a9882535fdebea47c6
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a
9bd22f7705467d07c0f399042993aa71ff4fc0d708a6e5d654d2d8b06e7cf287
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1e1bbde95c25364baea8f86c18729bbdcc9ea26cbebef777b7ecea9987e3109
a1eb43d3b2628d370e2446a492808c177f039292f007b984a851a70812753b3f
a3cfff1f84f089837e93a0d14f52efcf01560750ab9fff5c3a0fcaa705d9b34b
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b4bd66d27bcd179af78cc5596a6ebb04457528cd7d4344760c9119ce7b26e233
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886
b83d88fa2b75020875f387fa0f894d4d37cd995aca9144b6a824ff11e3c8ff31
b92caf56c6dba58cabc09aa3dabdb0fdef9307bedd6069742588f5a624c70791
b95a8992de21a2bcde6b7312e53c3c67774fa7bd087f22df319e7232a4c4dd97
b9b119103a6c75308bbc9ba8dc606a095dd200104de1398912c0ba8ad33ac305
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba3e3f22592ee6f8bb60554a0ab8f93d5295790ed1bdb457ccd280aeea784c19
ba6b37372f51bb80758ae18bb5477d2971f6acbd6c58ae91b1ce958a2efb49d3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2e8a68e96ef3d9e906cdd9a4e168f516930e8a5ebaf78993d0a084106ead88
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc799480da1c273f1b5aa31734cf43da465e5276d572fab15b653acc9d310f32
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172
bf7cf40cac4303c84fe1f2023fd8905b9b6e91fc6d37d1b50d12acd3e418ad5d
bfc0c68a68647a1fca6bca193f1ae4287ceb3839bd16538e6fde83bf50aff37d
c0f5e0bca8b78f9db4a052ac6e5636911334ba2a9cd260f643c1f51a9fbcfd68
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c74e03c5f06c7a777111870687ac13741bbe623067bec980374ba3d668904311
cb61f98d1b5d2dfe91e815a3547dd241effe77301932cf6a5ba9d1542846221b
cbf109b38f079870b1f9035e2b44e2ea38d2b65b4a900a68c1cae0103285ab33
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf19b50b61fcb709cac17f29d02dddb82a9711227585e2607dd5ef42b613fa28
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0ec5d16c94170a36390acc16f5d01af93b195dcf7adea68d6456002d6618168
d1ec47f2cdbe72cfa78eea0aa8630c75a0b146d36473ac659fecaf00475fc098
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
d60f68c7b443a27ae8476859eb623b9b46a2d97e892cb317c317c07e77b8b2c5
d712796d188539ac294a0dd7a2d0b2770cbaca32d836863fd2565e6b39ae5f52
d859402073416136cd706c883ae28bb041a61c6f6ff181e0ae9c06ed9631d82e
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddfd24c995c2e6a2f5820919d0bc7b0b33d221203f10c9bec4d6199a7efdab40
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62414ffb988b8ff08ae3b877d3fec3f38f3773ec63f726e9352769951fa6053
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e79482f5d457ca4e23fd2200b4dbc9ad872e24f20e7d9d7b188e2bc778d7bef3
e79d7844bd5daf0cb750f029d8e088938c60ebd784878c9cc41cbd1481d5563c
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eae1ffdb6fdd7704a8f58a0ae137925f5bfae61739d73de00c62cd423494578f
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
eb8d75b932aff4e0cbd76c871c9acc03add1319ae596ee3c0f8750d20269e2ec
ebf628237fab3f0d9615ebe814b9c639a3d8aa71d61e700a985560532fd0ea56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
f8344a6a51143c26b02ba22367c0f7d3bfcff7951cc590f753e09aeba755cea7
f8374fd41dba00c2db7d80888b361ff3cb0291093144ba8387e9ebaf38e7cefd
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c

thetruedefender.com Open in urlscan Pro 2606:4700:20::ac43:4551 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

443 Requests

77 %HTTPS

25 %IPv6

81 Domains

115 Subdomains

84 IPs

11 Countries

4323 kBTransfer

8768 kBSize

93 Cookies

17 Outgoing links

Redirected requests

443 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thetruedefender.com Open in urlscan Pro
2606:4700:20::ac43:4551 Public Scan

Screenshot
Live screenshot

Full Image

443
Requests

77 %
HTTPS

25 %
IPv6

81
Domains

115
Subdomains

84
IPs

11
Countries

4323 kB
Transfer

8768 kB
Size

93
Cookies

443 HTTP transactions
5 data transactions