urlscan.io logo urlscan.io
SecurityTrails logo

thetruedefender.com Open in urlscan Pro
2606:4700:20::681a:842  Public Scan

Go To Rescan Add Verdict Report
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Submission: On April 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 134 IPs in 14 countries across 119 domains to perform 566 HTTP transactions. The main IP is 2606:4700:20::681a:842, located in United States and belongs to CLOUDFLARENET, US. The main domain is thetruedefender.com. The Cisco Umbrella rank of the primary domain is 788226.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 5th 2021. Valid for: a year.
This is the only time thetruedefender.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
36 2606:4700:20:... 13335 (CLOUDFLAR...)
16 192.0.77.2 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
14 192.0.77.37 2635 (AUTOMATTIC)
11 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
20 104.19.135.78 13335 (CLOUDFLAR...)
2 2600:9000:223... 16509 (AMAZON-02)
1 18.66.139.34 16509 (AMAZON-02)
4 192.0.76.3 2635 (AUTOMATTIC)
1 2600:9000:224... 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
5 169.59.64.184 36351 (SOFTLAYER)
13 52.3.110.18 14618 (AMAZON-AES)
2 34.120.247.19 15169 (GOOGLE)
4 104.154.142.214 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
16 52.20.240.56 14618 (AMAZON-AES)
1 2600:9000:231... 16509 (AMAZON-02)
6 104.102.28.254 20940 (AKAMAI-ASN1)
2 151.101.1.194 54113 (FASTLY)
2 151.139.128.11 20446 (STACKPATH...)
3 8 2606:4700:10:... 13335 (CLOUDFLAR...)
28 2600:9000:231... 16509 (AMAZON-02)
2 11 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 147.75.38.124 54825 (PACKET)
5 51.89.9.252 16276 (OVH)
1 178.162.133.150 60781 (LEASEWEB-...)
6 185.64.189.112 62713 (AS-PUBMATIC)
6 192.96.200.41 30633 (LEASEWEB-...)
1 52.58.101.33 16509 (AMAZON-02)
1 6 5.178.65.246 50673 (SERVERIUS-AS)
2 6 37.252.173.22 29990 (ASN-APPNEX)
4 216.52.2.39 29791 (VOXEL-DOT...)
6 34.149.20.76 15169 (GOOGLE)
11 213.19.147.43 26120 (RHYTHMONE)
1 20.40.202.0 8075 (MICROSOFT...)
10 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 192.0.78.23 2635 (AUTOMATTIC)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
1 108.157.4.11 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 18.66.248.79 16509 (AMAZON-02)
1 108.157.4.71 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 104.19.133.78 13335 (CLOUDFLAR...)
2 2a03:90c0:41:... 199524 (GCORE)
1 151.101.66.132 54113 (FASTLY)
7 54.87.78.200 14618 (AMAZON-AES)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
9 52.73.223.127 14618 (AMAZON-AES)
15 23.36.163.227 20940 (AKAMAI-ASN1)
1 108.138.7.78 16509 (AMAZON-02)
1 18.66.248.86 16509 (AMAZON-02)
1 52.206.128.29 14618 (AMAZON-AES)
2 17 2.20.85.164 16625 (AKAMAI-AS)
3 3 2.19.35.65 16625 (AKAMAI-AS)
6 104.109.78.125 16625 (AKAMAI-AS)
6 52.57.37.214 16509 (AMAZON-02)
3 51.89.7.205 16276 (OVH)
3 9 52.30.140.199 16509 (AMAZON-02)
5 8 3.33.220.150 16509 (AMAZON-02)
1 34.120.133.55 15169 (GOOGLE)
10 142.250.186.162 15169 (GOOGLE)
6 2600:9000:223... 16509 (AMAZON-02)
4 69.173.144.139 26667 (RUBICONPR...)
2 4 52.46.130.91 16509 (AMAZON-02)
8 11 142.250.186.66 15169 (GOOGLE)
5 5 54.216.37.155 16509 (AMAZON-02)
4 4 151.101.194.49 54113 (FASTLY)
1 1 52.51.87.182 16509 (AMAZON-02)
2 3 104.90.179.100 16625 (AKAMAI-AS)
1 3.209.156.238 14618 (AMAZON-AES)
2 69.173.151.100 26667 (RUBICONPR...)
1 6 198.47.127.19 62713 (AS-PUBMATIC)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.65.108 54113 (FASTLY)
1 104.17.120.107 13335 (CLOUDFLAR...)
22 2606:4700:10:... 13335 (CLOUDFLAR...)
3 67.202.105.23 32748 (STEADFAST)
1 132.226.63.138 31898 (ORACLE-BM...)
1 1 88.214.206.247 46636 (NATCOWEB)
8 8 3.120.1.163 16509 (AMAZON-02)
1 1 146.0.227.109 20773 (GODADDY)
1 178.162.133.149 60781 (LEASEWEB-...)
3 4 3.126.56.137 16509 (AMAZON-02)
3 66.155.71.150 13768 (COGECO-PEER1)
1 35.227.252.103 15169 (GOOGLE)
3 7 3.228.116.73 14618 (AMAZON-AES)
2 5.178.65.253 50673 (SERVERIUS-AS)
1 3 162.55.236.225 24940 (HETZNER-AS)
4 5 35.227.248.159 15169 (GOOGLE)
1 2 37.157.6.241 198622 (ADFORM)
1 2 2a04:4e42::300 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.31.55.178 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 3 35.201.81.244 15169 (GOOGLE)
1 185.15.245.80 24961 (MYLOC-AS ...)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.185.251.21 16509 (AMAZON-02)
3 52.215.247.247 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 3.216.55.148 14618 (AMAZON-AES)
1 2 52.95.115.255 16509 (AMAZON-02)
2 104.111.215.191 16625 (AKAMAI-AS)
2 2 54.171.52.214 16509 (AMAZON-02)
2 4 2a05:d018:d29... 16509 (AMAZON-02)
1 2 37.252.172.37 29990 (ASN-APPNEX)
2 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 34.194.30.250 14618 (AMAZON-AES)
2 4 37.157.3.30 198622 (ADFORM)
2 2 52.21.142.155 14618 (AMAZON-AES)
1 205.234.175.175 30081 (CACHENETW...)
7 7 162.210.196.208 30633 (LEASEWEB-...)
1 34.98.67.61 ()
3 3 185.29.132.245 30419 (MEDIAMATH...)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 2620:116:800d... 16509 (AMAZON-02)
1 1 185.183.112.155 60350 (VP)
2 2 51.178.20.139 16276 (OVH)
2 2 213.155.156.165 1299 (TWELVE99 ...)
6 104.36.113.107 62713 (AS-PUBMATIC)
16 185.64.189.110 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 23.88.75.186 24940 (HETZNER-AS)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 185.86.139.115 201081 (SMARTADSE...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 157.90.212.181 24940 (HETZNER-AS)
1 1 37.187.69.198 16276 (OVH)
1 195.5.165.20 44968 (IPROM-AS)
1 72.251.241.204 29791 (VOXEL-DOT...)
2 2 213.19.147.44 3356 (LEVEL3)
1 151.101.1.44 54113 (FASTLY)
2 204.237.133.121 3257 (GTT-BACKB...)
2 2 141.94.170.77 16276 (OVH)
1 2 169.50.137.182 36351 (SOFTLAYER)
1 1 51.68.39.188 16276 (OVH)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.102.253.54 15169 (GOOGLE)
1 18.66.248.33 16509 (AMAZON-02)
1 51.158.29.13 12876 (Online SAS)
2 3.127.178.105 16509 (AMAZON-02)
1 104.36.113.24 ()
1 1 3.125.247.50 ()
1 169.197.150.8 ()
1 38.27.122.126 ()
2 2 35.157.226.32 ()
2 2 35.201.96.126 ()
1 185.64.190.87 ()
1 2 77.243.60.138 ()
1 54.229.167.98 ()
1 1 3.233.223.17 ()
1 1 2001:678:cb4:... ()
1 1 34.79.192.155 ()
566 134
36    2606:4700:20::681a:842 (United States)

ASN13335 (CLOUDFLARENET, US)
thetruedefender.com
16    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
i2.wp.com
i1.wp.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
11    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:10::ac43:264e (United States)

ASN13335 (CLOUDFLARENET, US)
users.api.jeeng.com
4    2600:9000:223d:2c00:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
product.instiengage.com
auth.instiengage.com
1    2600:9000:223c:6400:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
1    2600:9000:225e:5000:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
5    2606:4700::6810:4fa5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
20    104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cdn.mgid.com
c.mgid.com
servicer.mgid.com
cm.mgid.com
2    2600:9000:223c:f400:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.lockerdomecdn.com
1    18.66.139.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-34.fra60.r.cloudfront.net
clientcdn.pushengage.com
4    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
1    2600:9000:224a:4e00:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
1    2600:9000:225e:4600:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
5    169.59.64.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.40.3ba9.ip4.static.sl-reverse.com
rumble.com
13    52.3.110.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-110-18.compute-1.amazonaws.com
geoip.instiengage.com
eua.instiengage.com
cms.instiengage.com
event.instiengage.com
2    34.120.247.19 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 19.247.120.34.bc.googleusercontent.com
telemetries.jeeng.com
4    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
16    52.20.240.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-240-56.compute-1.amazonaws.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
dashboard.insticator.com
1    2600:9000:2315:6800:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
6    104.102.28.254 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-254.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
2    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
sp.rmbl.ws
8    2606:4700:10::ac43:a93 (United States)

ASN13335 (CLOUDFLARENET, US)
comment.instiengage.com
28    2600:9000:2315:4400:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.instiengage.com
11    2606:4700:10::ac43:efc (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
6    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    192.96.200.41 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
1    52.58.101.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-101-33.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
6    5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
u-ams02.e-planning.net
6    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
6    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
11    213.19.147.43 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
tag.targeting.unrulymedia.com
1    20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lightboxapi.azurewebsites.net
10    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    192.0.78.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
public-api.wordpress.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    108.157.4.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-11.dus51.r.cloudfront.net
get.s-onetag.com
6    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
6    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.66.248.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-79.dus51.r.cloudfront.net
onetag-geo.s-onetag.com
1    108.157.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-71.dus51.r.cloudfront.net
signal-beacon.s-onetag.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
22    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
2    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
video-native.mgid.com
1    151.101.66.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
7    54.87.78.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-78-200.compute-1.amazonaws.com
prd-collector-anon.ex.co
1    2a02:26f0:3500:c::5c7b:6837 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
2    2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
9    52.73.223.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-223-127.compute-1.amazonaws.com
atrack.avplayer.com
track1.aniview.com
15    23.36.163.227 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-227.deploy.static.akamaitechnologies.com
mcd.ex.co
1    108.138.7.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-78.fra56.r.cloudfront.net
ats.rlcdn.com
1    18.66.248.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-86.dus51.r.cloudfront.net
geo.privacymanager.io
1    52.206.128.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-128-29.compute-1.amazonaws.com
premiumsrv.aniview.com
17    2.20.85.164 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-85-164.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
3    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    52.57.37.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-37-214.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
3    51.89.7.205 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p28.id5-sync.com
id5-sync.com
9    52.30.140.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
8    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
10    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
6    2600:9000:223e:4e00:1c:f0ba:c200:21 (United States)

ASN16509 (AMAZON-02, US)
d2s3kjdp77ms5k.cloudfront.net
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
11    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
5    54.216.37.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-37-155.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.51.87.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-87-182.eu-west-1.compute.amazonaws.com
d.adroll.com
3    104.90.179.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-179-100.deploy.static.akamaitechnologies.com
px.owneriq.net
1    3.209.156.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-156-238.compute-1.amazonaws.com
sync.aniview.com
2    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
6    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
22    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    132.226.63.138 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com
cs.admanmedia.com
8    3.120.1.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-1-163.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
1    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
7    3.228.116.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-116-73.compute-1.amazonaws.com
a.audrte.com
2    5.178.65.253 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
3    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
5    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
2    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f16:e61:3f02:363e:3490:f8eb:b263 (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b002:eeee:33cd:8e98:b126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    52.31.55.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-55-178.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Milan, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    85.114.159.93 (Rheinfelden, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.80 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.185.251.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-251-21.eu-central-1.compute.amazonaws.com
aa.agkn.com
3    52.215.247.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-247-247.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    3.216.55.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-55-148.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    54.171.52.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-52-214.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
4    2a05:d018:d29:3602:8032:ea84:336c:262b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    34.194.30.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-30-250.compute-1.amazonaws.com
sync.extend.tv
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    52.21.142.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-142-155.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    205.234.175.175 (Leesburg, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
7    162.210.196.208 (Bethesda, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
1    34.98.67.61 (None, )

ASN- ()
odr.mookie1.com
3    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
2    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    185.183.112.155 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
6    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
16    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    23.88.75.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de
csync.loopme.me
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    157.90.212.181 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.181.212.90.157.clients.your-server.de
matching.truffle.bid
1    37.187.69.198 (France)

ASN16276 (OVH, FR)
PTR: hg12812.cortb.pl
green.erne.co
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    213.19.147.44 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
2    204.237.133.121 (West Chester, United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel.onaudience.com
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    18.66.248.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-33.dus51.r.cloudfront.net
tags.crwdcntrl.net
1    51.158.29.13 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-29-13.rev.poneytelecom.eu
js.cookieless-data.com
2    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    104.36.113.24 (None, )

ASN- ()
simage4.pubmatic.com
1    3.125.247.50 (None, )

ASN- ()
docker.creative-serving.com
1    169.197.150.8 (None, )

ASN- ()
match.deepintent.com
1    38.27.122.126 (None, )

ASN- ()
match.bnmla.com
2    35.157.226.32 (None, )

ASN- ()
pm.w55c.net
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    185.64.190.87 (None, )

ASN- ()
aud.pubmatic.com
2    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
1    54.229.167.98 (None, )

ASN- ()
rtb.gumgum.com
1    3.233.223.17 (None, )

ASN- ()
sync.ipredictive.com
1    2001:678:cb4:bbbb::13 (None, )

ASN- ()
d.turn.com
1    34.79.192.155 (None, )

ASN- ()
cr.frontend.weborama.fr
Apex Domain
Subdomains		 Transfer
53 instiengage.com
product.instiengage.com — Cisco Umbrella Rank: 23171
geoip.instiengage.com — Cisco Umbrella Rank: 25049
auth.instiengage.com — Cisco Umbrella Rank: 19345
comment.instiengage.com — Cisco Umbrella Rank: 60209
static.instiengage.com — Cisco Umbrella Rank: 27907
eua.instiengage.com — Cisco Umbrella Rank: 23258
cms.instiengage.com — Cisco Umbrella Rank: 30806
event.instiengage.com — Cisco Umbrella Rank: 27604
5 MB
44 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 453
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 446
image6.pubmatic.com — Cisco Umbrella Rank: 610
image2.pubmatic.com — Cisco Umbrella Rank: 882
simage2.pubmatic.com — Cisco Umbrella Rank: 620
image4.pubmatic.com — Cisco Umbrella Rank: 868
simage4.pubmatic.com
aud.pubmatic.com
119 KB
44 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8057
cdn.mgid.com — Cisco Umbrella Rank: 10440
c.mgid.com — Cisco Umbrella Rank: 5828
servicer.mgid.com — Cisco Umbrella Rank: 8257
s-img.mgid.com — Cisco Umbrella Rank: 7239
cm.mgid.com — Cisco Umbrella Rank: 1117
video-native.mgid.com — Cisco Umbrella Rank: 27218
705 KB
36 thetruedefender.com
thetruedefender.com — Cisco Umbrella Rank: 788226
496 KB
34 wp.com
i0.wp.com — Cisco Umbrella Rank: 2873
c0.wp.com — Cisco Umbrella Rank: 7127
stats.wp.com — Cisco Umbrella Rank: 2718
i2.wp.com — Cisco Umbrella Rank: 6027
pixel.wp.com — Cisco Umbrella Rank: 2543
i1.wp.com — Cisco Umbrella Rank: 6386
2 MB
26 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
pubads.g.doubleclick.net — Cisco Umbrella Rank: 478
223 KB
23 ex.co
player.ex.co — Cisco Umbrella Rank: 10579
prd-collector-anon.ex.co — Cisco Umbrella Rank: 8401
mcd.ex.co — Cisco Umbrella Rank: 11719
1 MB
22 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1690
mwzeom.zeotap.com — Cisco Umbrella Rank: 1548
7 KB
21 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1110
eus.rubiconproject.com — Cisco Umbrella Rank: 551
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1070
token.rubiconproject.com — Cisco Umbrella Rank: 669
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1170
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2452
36 KB
17 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1346
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 536
dsum.casalemedia.com — Cisco Umbrella Rank: 1319
22 KB
16 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 405
fonts.googleapis.com — Cisco Umbrella Rank: 45
2 MB
16 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 21089
b2c.insticator.com — Cisco Umbrella Rank: 17020
event.insticator.com — Cisco Umbrella Rank: 16165
dashboard.insticator.com — Cisco Umbrella Rank: 37017 Failed
92 KB
13 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 14531
sync.aralego.com — Cisco Umbrella Rank: 2608
4 KB
11 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 15447
2 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
158 KB
10 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1694
bcp.crwdcntrl.net — Cisco Umbrella Rank: 806
sync.crwdcntrl.net — Cisco Umbrella Rank: 629
tags.crwdcntrl.net — Cisco Umbrella Rank: 1418
15 KB
10 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1841
track1.aniview.com — Cisco Umbrella Rank: 1778
premiumsrv.aniview.com — Cisco Umbrella Rank: 15085
sync.aniview.com — Cisco Umbrella Rank: 2769
208 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
cms.analytics.yahoo.com — Cisco Umbrella Rank: 899
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 370
6 KB
9 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1486
ssc-cms.33across.com — Cisco Umbrella Rank: 905
1 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
acdn.adnxs.com — Cisco Umbrella Rank: 560
secure.adnxs.com — Cisco Umbrella Rank: 436
23 KB
9 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5180
sync.e-planning.net — Cisco Umbrella Rank: 5534
s.e-planning.net — Cisco Umbrella Rank: 6799
u-ams02.e-planning.net — Cisco Umbrella Rank: 69069
i.e-planning.net — Cisco Umbrella Rank: 6829
5 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 285
4 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 326
4 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
101 KB
8 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
d2s3kjdp77ms5k.cloudfront.net
111 KB
7 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2307
11 KB
7 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1309
sync.1rx.io — Cisco Umbrella Rank: 534
2 KB
6 adform.net
dmp.adform.net — Cisco Umbrella Rank: 2549
c1.adform.net — Cisco Umbrella Rank: 571
3 KB
6 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1196
4 KB
6 unrulymedia.com
tag.targeting.unrulymedia.com — Cisco Umbrella Rank: 8431
2 KB
6 gstatic.com
fonts.gstatic.com
253 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 435
2 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 489
2 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 389
mug.criteo.com — Cisco Umbrella Rank: 2685
dis.criteo.com — Cisco Umbrella Rank: 697
2 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 841
3 KB
5 rumble.com
rumble.com — Cisco Umbrella Rank: 21659
33 KB
5 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 6381
140 KB
4 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1197
sync.mathtag.com — Cisco Umbrella Rank: 438
3 KB
4 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 428
usermatch.krxd.net — Cisco Umbrella Rank: 1229
1 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 37887
cr.frontend.weborama.fr
1 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 575
1 KB
4 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 8653
atrack.avplayer.com — Cisco Umbrella Rank: 13472
71 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 602
1 KB
4 lockerdome.com
lockerdome.com — Cisco Umbrella Rank: 9475
6 KB
4 jeeng.com
users.api.jeeng.com — Cisco Umbrella Rank: 17713
telemetries.jeeng.com — Cisco Umbrella Rank: 13200
120 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 756
d.turn.com
1 KB
3 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 645
match.taboola.com — Cisco Umbrella Rank: 2157
589 B
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1605
741 B
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3356
pixel-sync.sitescout.com — Cisco Umbrella Rank: 613
573 B
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1077
1 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 607
2 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 7
adservice.google.com — Cisco Umbrella Rank: 76
1 KB
3 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3444
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4164
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 4282
17 KB
3 lockerdomecdn.com
cdn1.lockerdomecdn.com — Cisco Umbrella Rank: 12382
cdn2.lockerdomecdn.com — Cisco Umbrella Rank: 22572
21 KB
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 w55c.net
pm.w55c.net
1 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1036
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 809
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3030
949 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 800
s.tribalfusion.com — Cisco Umbrella Rank: 2468
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5026
637 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1250
850 B
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 418
1 KB
2 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 3115
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3118
291 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 822
1 KB
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 183434
428 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 449
529 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1593
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1150
791 B
2 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1357
api.rlcdn.com — Cisco Umbrella Rank: 801
36 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 954
85 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 257
33 KB
2 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1704
sync.go.sonobi.com — Cisco Umbrella Rank: 1004
1 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1149
604 B
2 rmbl.ws
sp.rmbl.ws — Cisco Umbrella Rank: 28243
17 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1571
81 KB
2 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 45226
get.optad360.io — Cisco Umbrella Rank: 26661
721 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 gumgum.com
rtb.gumgum.com
209 B
1 bnmla.com
match.bnmla.com
112 B
1 deepintent.com
match.deepintent.com
44 B
1 creative-serving.com
docker.creative-serving.com
475 B
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 6509
535 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3728
463 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2500
534 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3054
482 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1479
408 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5791
277 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 13770
326 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6371
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626
163 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 587
497 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 977
217 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1450
307 B
1 mookie1.com
odr.mookie1.com
324 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1707
546 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 434
378 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 19073
272 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 141312
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7620
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 11724
411 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1485
351 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2945
585 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1269
528 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1184
297 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2662
1 KB
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 7743
1 KB
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1600
112 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1469
596 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5640
501 B
1 wordpress.com
public-api.wordpress.com — Cisco Umbrella Rank: 7353
3 KB
1 azurewebsites.net
lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 7214
578 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 1840
161 B
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1651
36 KB
1 pushengage.com
clientcdn.pushengage.com — Cisco Umbrella Rank: 16443
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
38 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
566 119
Domain Requested by
36 thetruedefender.com thetruedefender.com
c0.wp.com
28 static.instiengage.com thetruedefender.com
comment.instiengage.com
22 s-img.mgid.com
16 simage2.pubmatic.com ads.pubmatic.com
15 mwzeom.zeotap.com spl.zeotap.com
sync.e-planning.net
15 mcd.ex.co player.avplayer.com
player.ex.co
14 c0.wp.com thetruedefender.com
12 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
12 dashboard.insticator.com d3lcz8vpax4lo2.cloudfront.net
dashboard.insticator.com
11 cm.g.doubleclick.net 8 redirects ssum.casalemedia.com
spl.zeotap.com
bcp.crwdcntrl.net
11 ex.ingage.tech 2 redirects df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
sync.e-planning.net
11 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
rumble.com
dashboard.insticator.com
10 imasdk.googleapis.com rumble.com
imasdk.googleapis.com
player.aniview.com
8 x.bidswitch.net 8 redirects
8 match.adsrvr.org 5 redirects ads.pubmatic.com
ssum.casalemedia.com
8 event.instiengage.com product.instiengage.com
comment.instiengage.com
8 pagead2.googlesyndication.com srcdoc
8 comment.instiengage.com 3 redirects comment.instiengage.com
8 i2.wp.com thetruedefender.com
7 sync.aralego.com 7 redirects
7 a.audrte.com 3 redirects sync.e-planning.net
a.audrte.com
7 spl.zeotap.com df80k0z3fi8zg.cloudfront.net
spl.zeotap.com
sync.e-planning.net
ads.pubmatic.com
7 pubads.g.doubleclick.net imasdk.googleapis.com
7 prd-collector-anon.ex.co player.ex.co
7 cdn.mgid.com jsc.mgid.com
6 image2.pubmatic.com ads.pubmatic.com
6 sync.crwdcntrl.net 2 redirects ssum-sec.casalemedia.com
bcp.crwdcntrl.net
6 image6.pubmatic.com 1 redirects ads.pubmatic.com
spl.zeotap.com
6 d2s3kjdp77ms5k.cloudfront.net
6 prebid-server.rubiconproject.com player.aniview.com
6 tag.targeting.unrulymedia.com player.aniview.com
6 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
sync.e-planning.net
ex.ingage.tech
6 track1.aniview.com player.aniview.com
6 fonts.gstatic.com fonts.googleapis.com
6 fonts.googleapis.com client
comment.instiengage.com
6 ssc.33across.com df80k0z3fi8zg.cloudfront.net
6 ib.adnxs.com 2 redirects df80k0z3fi8zg.cloudfront.net
acdn.adnxs.com
spl.zeotap.com
6 hb.aralego.com df80k0z3fi8zg.cloudfront.net
6 hbopenbid.pubmatic.com df80k0z3fi8zg.cloudfront.net
player.aniview.com
6 ads.pubmatic.com d3lcz8vpax4lo2.cloudfront.net
player.aniview.com
df80k0z3fi8zg.cloudfront.net
sync.e-planning.net
ads.pubmatic.com
6 jsc.mgid.com thetruedefender.com
jsc.mgid.com
5 pixel.tapad.com 4 redirects spl.zeotap.com
5 match.prod.bidr.io 5 redirects
5 stats.g.doubleclick.net lockerdome.com
www.google-analytics.com
5 tag.1rx.io df80k0z3fi8zg.cloudfront.net
player.aniview.com
5 onetag-sys.com df80k0z3fi8zg.cloudfront.net
sync.e-planning.net
5 rumble.com thetruedefender.com
rumble.com
5 www.lightboxcdn.com thetruedefender.com
www.lightboxcdn.com
4 c1.adform.net 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
4 ups.analytics.yahoo.com 3 redirects ssum-sec.casalemedia.com
4 sync-tm.everesttech.net 4 redirects
4 s.amazon-adsystem.com 2 redirects ssum.casalemedia.com
4 ap.lijit.com df80k0z3fi8zg.cloudfront.net
player.aniview.com
4 i1.wp.com thetruedefender.com
4 lockerdome.com cdn2.lockerdomecdn.com
4 i0.wp.com thetruedefender.com
3 sync.mathtag.com 3 redirects
3 beacon.krxd.net spl.zeotap.com
bcp.crwdcntrl.net
3 idsync.frontend.weborama.fr 2 redirects
3 u-ams02.e-planning.net sync.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
3 sync.richaudience.com 1 redirects sync.e-planning.net
spl.zeotap.com
3 ssc-cms.33across.com df80k0z3fi8zg.cloudfront.net
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 token.rubiconproject.com eus.rubiconproject.com
3 securepubads.g.doubleclick.net d3lcz8vpax4lo2.cloudfront.net
securepubads.g.doubleclick.net
3 id5-sync.com ads.pubmatic.com
player.aniview.com
df80k0z3fi8zg.cloudfront.net
3 secure-assets.rubiconproject.com 3 redirects
3 ssum.casalemedia.com 1 redirects player.aniview.com
sync.e-planning.net
3 atrack.avplayer.com
3 servicer.mgid.com jsc.mgid.com
2 uipglob.semasio.net 1 redirects
2 visitor.fiftyt.com 2 redirects
2 pm.w55c.net 2 redirects
2 ps.eyeota.net
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 pixel-sync.sitescout.com ssum.casalemedia.com
ads.pubmatic.com
2 pixel.quantserve.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 ad.turn.com 2 redirects
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 tags.bluekai.com spl.zeotap.com
bcp.crwdcntrl.net
2 aax-eu.amazon-adsystem.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
2 dsp.adfarm1.adition.com 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 trc.taboola.com 1 redirects spl.zeotap.com
2 dmp.adform.net 1 redirects spl.zeotap.com
2 s.e-planning.net sync.e-planning.net
2 adservice.google.com imasdk.googleapis.com
2 pixel-us-east.rubiconproject.com eus.rubiconproject.com
2 player.aniview.com player.ex.co
player.aniview.com
2 video-native.mgid.com jsc.mgid.com
video-native.mgid.com
2 cm.mgid.com jsc.mgid.com
2 c.mgid.com jsc.mgid.com
2 use.fontawesome.com client
use.fontawesome.com
2 mug.criteo.com thetruedefender.com
2 gum.criteo.com 1 redirects
2 s0.2mdn.net imasdk.googleapis.com
2 eua.instiengage.com auth.instiengage.com
2 ads.us.e-planning.net 1 redirects thetruedefender.com
2 prebid.a-mo.net 1 redirects df80k0z3fi8zg.cloudfront.net
2 sp.rmbl.ws rumble.com
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
2 telemetries.jeeng.com users.api.jeeng.com
2 auth.instiengage.com product.instiengage.com
auth.instiengage.com
2 geoip.instiengage.com product.instiengage.com
2 pixel.wp.com thetruedefender.com
2 stats.wp.com thetruedefender.com
2 cdn1.lockerdomecdn.com thetruedefender.com
cdn1.lockerdomecdn.com
2 product.instiengage.com thetruedefender.com
product.instiengage.com
2 users.api.jeeng.com thetruedefender.com
users.api.jeeng.com
1 cr.frontend.weborama.fr 1 redirects
1 d.turn.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 rtb.gumgum.com
1 aud.pubmatic.com
1 match.bnmla.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 docker.creative-serving.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 match.taboola.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 green.erne.co 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 csync.loopme.me 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 sync.adotmob.com 1 redirects
1 dsum.casalemedia.com ssum.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 odr.mookie1.com cdn.aralego.net
1 i.e-planning.net sync.e-planning.net
1 sync.extend.tv 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 rtb.openx.net sync.e-planning.net
1 pixel.sitescout.com sync.e-planning.net
1 sync.go.sonobi.com
1 inv-nets.admixer.net 1 redirects
1 cs.admanmedia.com 1 redirects
1 sync.technoratimedia.com
1 biddr.brealtime.com df80k0z3fi8zg.cloudfront.net
1 sync.e-planning.net df80k0z3fi8zg.cloudfront.net
1 acdn.adnxs.com df80k0z3fi8zg.cloudfront.net
1 ssum-sec.casalemedia.com df80k0z3fi8zg.cloudfront.net
1 cdn.aralego.net df80k0z3fi8zg.cloudfront.net
1 sync.aniview.com ssum.casalemedia.com
1 d.adroll.com 1 redirects
1 api.rlcdn.com ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 premiumsrv.aniview.com player.aniview.com
1 geo.privacymanager.io ats.rlcdn.com
1 ats.rlcdn.com ads.pubmatic.com
1 player.avplayer.com player.ex.co
1 player.ex.co cdn.mgid.com
1 www.google.de thetruedefender.com
1 www.google.com thetruedefender.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 cms.instiengage.com product.instiengage.com
1 get.s-onetag.com d3lcz8vpax4lo2.cloudfront.net
1 public-api.wordpress.com thetruedefender.com
1 lightboxapi.azurewebsites.net www.lightboxcdn.com
1 hb.emxdgt.com df80k0z3fi8zg.cloudfront.net
1 apex.go.sonobi.com df80k0z3fi8zg.cloudfront.net
1 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
1 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 secure.gravatar.com thetruedefender.com
1 cdn2.lockerdomecdn.com thetruedefender.com
1 d3lcz8vpax4lo2.cloudfront.net thetruedefender.com
1 clientcdn.pushengage.com thetruedefender.com
1 get.optad360.io thetruedefender.com
1 cmp.optad360.io thetruedefender.com
1 www.googletagmanager.com thetruedefender.com
0 global.ib-ibi.com Failed bcp.crwdcntrl.net
566 202
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-05 -
2022-12-04		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
jeeng.com
Cloudflare Inc ECC CA-3		 2021-09-13 -
2022-09-12		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2021-05-28 -
2022-05-28		 a year crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
ssl1029400.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-06 -
2022-06-30		 a year crt.sh
*.lockerdomecdn.com
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
*.pushengage.com
Amazon		 2022-02-18 -
2023-03-17		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.rumble.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-11 -
2022-12-07		 a year crt.sh
telemetries.jeeng.com
GTS CA 1D4		 2022-02-12 -
2022-05-13		 3 months crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
sp.rmbl.ws
R3		 2022-04-02 -
2022-07-01		 3 months crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2021-07-15 -
2022-07-18		 a year crt.sh
*.a-mo.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-03-22 -
2022-06-20		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 01		 2022-03-14 -
2023-03-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.wordpress.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-12 -
2022-11-14		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.mgid.com
Go Daddy Secure Certificate Authority - G2		 2021-09-13 -
2022-10-15		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2021-11-06 -
2022-11-06		 a year crt.sh
outstreamedia.com
R3		 2022-02-27 -
2022-05-28		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.e-planning.net
R3		 2022-03-09 -
2022-06-07		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
dmp.theadex.com
R3		 2022-03-16 -
2022-06-14		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
truffle.bid
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.iprom.net
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.eyeota.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh

This page contains 92 frames:

Primary Page: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Frame ID: 61669BD61150CBF387076A7A2A811496
Requests: 264 HTTP requests in this frame

Frame: https://rumble.com/embed/vrzg9l/?pub=4
Frame ID: 6323EA37EDD06FFE4FF9CE9AF6FB0E0F
Requests: 10 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 693C1CF4E305B30E54C609991A77525A
Requests: 3 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox.js?mb=1649111634834&lv=1
Frame ID: A03C35D78E1A89510DCBDEA508108723
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14731549484471654?pubid=ld-2653-3530&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 5D179C3FEC1684A8FDCD42541FF87B5F
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 4C7E71DB3455FF72100C697D804F3BAF
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14009642120598886?pubid=ld-183-4563&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: B50B4C13C23B7D9BCB2D84F6E7D45952
Requests: 2 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: E281C9BB2BFE9B04BA677F1B0C9F99BC
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Frame ID: A9128E223A0E7A229884956F3881D72D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Frame ID: 5F805AF3C72EE6606F554E347C144C0B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C6B8B04166DDAA85B03D94576AF54E5F
Requests: 1 HTTP requests in this frame

Frame: https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Frame ID: 2FD0FA617E8CCCAA0EF3F20CCC63FFB9
Requests: 18 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1649111636504482769882
Frame ID: BF4EAC7CA4209411DBD073C70A62092A
Requests: 1 HTTP requests in this frame

Frame: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae
Frame ID: 34A13904032BF7311D9B4711504DDE03
Requests: 27 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Frame ID: C41ECDFF05840FD73EED5D2B375F0944
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D1%26key%3D
Frame ID: C740E1071F6A31609812963958812354
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Frame ID: B6B9E271E600686CA3EFB0B2E915E497
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: C3EE7309143B0FBBF2E26DE95473E774
Requests: 4 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D18%26key%3D%24UID
Frame ID: 6D7C9F3517CFA0D02B366E654AE80EE6
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: 5B2948ABF328F5151E66E1335E298A56
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: A9282ABCEF63970D36890C4AA0BCF896
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: 481FC6CAFD447351E53253D69E7F9087
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: 6E7FAE13B944BB2948370D3E76848366
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: 035450C1F94DB93B77688D08C140429C
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: FB78424DDEDB327B2DEA7EA4195F8802
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: ABA8D5CD2098106A50188C26249C4EDA
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: A4FA44468A0A197190B9302121B84AE2
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: 0965692C4A44B1EA8BF049DCDA895EBA
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: C9CD21244DE8086766966521E8500BCC
Requests: 3 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: 1E10D39BEE31D199133863C6F299C6B5
Requests: 1 HTTP requests in this frame

Frame: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Frame ID: A69CEF5A5B5D7E068B327AEE205574D7
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Frame ID: 79EED193E0AD00F4B234A5DB15054EA7
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Frame ID: 171E89AEE29D4A1038DB32E1891E1027
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Frame ID: 29400323357E599DB0E0CC401A3ED2D6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5D6238C1CBB22A0C99A7261C2281DBA7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1AC3E97F5B2A519CEBEA82F49026354F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 525C4866D5C629D2684858A85791FF75
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Frame ID: F1A5FD1EA5C3193AE7627EACB82D8A97
Requests: 9 HTTP requests in this frame

Frame: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Frame ID: DFA1A7B289793E99725B02BF39581AB6
Requests: 20 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: BA2B06802B3D09CF47D3F4436FC2B878
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Frame ID: 9D7AD7D469829617FE687D514AF5FF50
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 292D2B8583E0DC9D7CDA07451D9D66BF
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406715
Frame ID: AB057D0DF610DB5ADC7689026D440B61
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1649111635502
Frame ID: 9DC30ECB0CEAA388DC4BD1E768EE0DCF
Requests: 1 HTTP requests in this frame

Frame: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Frame ID: 9FA354980A98798CC3D8D342A669134E
Requests: 12 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 9892E0098446FA4BE07C1ED7D53DFB03
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361&cmp=0
Frame ID: 820A01DCBE6918CDC2BE60DB0627D5F3
Requests: 30 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: F547B90E301F01D4A91C3C61FDF83229
Requests: 5 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D33XUSERID33X
Frame ID: 3A720BC5313B059716A824BE6F4A1F77
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Frame ID: C6D1EB42184D667C573B27D3E10EF43C
Requests: 21 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bAsyo8U7Or6PeLaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 08B64743F2041B802F71C042F55749F4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7Cf80a0650-9f32-4810-a791-ad2eb56e62d3&gdpr=0
Frame ID: 4035D2EFA5149214C19BEBC0029083C6
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 275032E753FDEF78D855090347BAA5A9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 546C32159D3D16B4430BE2301474B7AF
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D16c709670005682a%26uid%3D
Frame ID: 9B18D80D561FF41F95A44D7E98DAD7AC
Requests: 4 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D16c709670005682a%26uid%3D
Frame ID: ED418000556D37127765DD8E658E3EE8
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: A72ECEF574255ED90788D97C0F8B8901
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 576E807930DB110F478514A75A8062CA
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=438f8644-d869-422d-69ee-936ab5554f2d&zdid=1361&cmp=0
Frame ID: 34014F233115A1A72329969A24AACBBA
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A1295F5F-02C9-4604-9366-45002358F767
Frame ID: C361AC6EFB121AD66F333A47166A16E8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8031219224026110045
Frame ID: 13C72FA94097BC6F02444E1E94554446
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:49d7624b-7259-4600-b959-966676ca4e53&gdpr=0&gdpr_consent=
Frame ID: E33A34127D50AE7E7EB6824D81DECDA5
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 9008E49C1A4360F93D1889F432DF33FC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7082880565563226266
Frame ID: C208324B687272D6B7690969FD01C76A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YktyVgASWkuzKABH&gdpr=0&gdpr_consent=
Frame ID: 21C4BFD7C9A0B692F710E43E926F212C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 8E92B3F4EE2F67C8DCC5130C5872CFEB
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACDRE7EluUAADWf2PZMsQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 03F1C44CC98AB59B368E75FFDD93C8DE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=upkfSp34RpVekGFYlSdXh8EbDiw
Frame ID: 98CF02B1F237D33C960341726D5AE56F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2B751EB705E17B96011B3199A3437848
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A216B0AFA38DB7CBB89541DE184EBBB4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=L0pbRrn6WoIdFjOqnO0wYl7K
Frame ID: A368019C0921FF127621B46D5F45867C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 6405F86BE10F8F7D279651655EC0CE25
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F1C5AD782F25FDE5DD48036C5D8C1368
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 337DAA27C4D307EFD61FF21DFB63DEB1
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e13032f3-b54a-4bfc-9747-64898995a261-tuct944f7d9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: EAB705D6CB8F9353FB19283110231AE9
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 305BAF1A71FF61C73A8B999104DABA01
Requests: 2 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/eplanning/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=AG3ygzsXQd8IMMaA
Frame ID: 73D2DFCEE8D8A7676E39893DFC8B7BBF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=e1dc98df-a0a4-40e0-b408-39c25eff58bc
Frame ID: 023F53F4A753B85D68289926D75FF570
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: EE1067E8D230C575A6A47BF2264FC472
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 623BE637083500943A4976B155F2A9B7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RMGDpqcX1NBvgU5&gdpr=0&gdpr_consent=
Frame ID: B5EEE5CA9FDF8FE9A04AC21D084532A7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2EF48AF89C9F4EFB80BC582F12D1AA59
Frame ID: E5917F47EA9A5C7D5390A7439CFDACB7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Frame ID: D1A03660EE3072E814C25F705048E3F4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Frame ID: 58A14055834619B65FCE96A867DC456D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Frame ID: 36FA4AF45313D7D938BAED994CEF0B84
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Frame ID: C6C75110F7242336FDBF9023DE3573B2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E3ADB8A1D63A6DA881186F84067CAF3B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AEF416FC9F67871641259789A5504228
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 30ECC809D72A8BD2959FFDD91E40900E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D56C527D1E656BCEF5943661917FC556
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=238291225/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Frame ID: 560CAB45A6BC571336CA7E376F87812A
Requests: 7 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=16c709670005682a&uid=A1295F5F-02C9-4604-9366-45002358F767
Frame ID: AF5F48C0CE936CEEFF8A266F5006BD7C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Angelina Jolie Admits Participation In Satanic Ritual?! - The True Defender !SearchClose search results

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • clientcdn\.pushengage\.\w+/core
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

566
Requests

86 %
HTTPS

24 %
IPv6

119
Domains

202
Subdomains

134
IPs

14
Countries

13643 kB
Transfer

27610 kB
Size

121
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108
  • https://comment.instiengage.com/live/loader/loader.js HTTP 301
  • https://static.instiengage.com/app-loader/static/loader.js
Request Chain 123
  • https://ads.us.e-planning.net/pbjs/1/25987/1/thetruedefender.com/ROS?rnd=0.17482487082824005&e=300x250_0%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_1%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_2%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_3%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_4%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_5%3A300x250%2C336x280%2C320x50%2C320x100&ur=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pbv=4.43.4&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F HTTP 302
  • https://ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.17482487082824005&e=300x250_0%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_1%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_2%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_3%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_4%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_5%3A300x250%2C336x280%2C320x50%2C320x100&ur=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pbv=4.43.4&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F
Request Chain 154
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=L1bDQnx6dUgyZzlaVHRVaDRLWWtnYXd5anc5OGJpeHVxc1dkc29lcnpxV2FxQ3huZUU1bVg4Z3loVml3TlZvUytZSkdFcElhNGZoYmY2T0YyYldBeFY1K0s5Z1BHZFNVeS93NkN5b0dSMjY2QTF5WXVMbWxrYVIvTkpLcU1jWUxLYUUvNzhLVzNZNkNHL2VEb2Rib25VL2hvMncvWlRHbFJSNDdEZ0d0UGVkcmRUamNqOUtOV1hMWStvRDJWc2ZSS0RHNHF3MXFmNy9rZFhiLy9ZMGx6TEZ1OWxPL3A2OS9nU0JucnJaZHNDcS9iTFYwVDBRRmlQalNSK05rV1NveWxmVy9xfA&cppv=2
Request Chain 256
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Request Chain 257
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 299
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB&dcc=t
Request Chain 300
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YktyVpZBRnjg0Bbiom4IrAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YktyVpZBRnjg0Bbiom4IrAAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELUi1cKf3PW61Bs9G____ts&google_cver=1&gdpr=1
Request Chain 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACDRE7EluUAADWf2PZMsQ&expiration=1650321238&gdpr=1
Request Chain 304
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YktyVgASWkuzKABH HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YktyVgASWkuzKABH&gdpr=1&_test=YktyVgASWkuzKABH
Request Chain 305
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 306
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7023980391279563944&uid=Q7023980391279563944&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 348
  • https://comment.instiengage.com/live/comments/static/app.js?v=0.0.72 HTTP 301
  • https://static.instiengage.com/app-comments/app.js?v=0.0.72
Request Chain 386
  • https://comment.instiengage.com/live/community/static/app.js?v=0.0.42 HTTP 301
  • https://static.instiengage.com/app-community/app.js?v=0.0.42
Request Chain 408
  • https://cs.admanmedia.com/sync/insticator_ssp?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%7B%24UID%7D HTTP 302
  • https://ex.ingage.tech/v1/sync/acuityads/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=44d17cb904af046e2d709ec8e7a82e43925731c8
Request Chain 409
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=f80a0650-9f32-4810-a791-ad2eb56e62d3 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=insticator&custom_data=f80a0650-9f32-4810-a791-ad2eb56e62d3 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dinsticator%26bsw_param%3D8fa858c4-3ead-4827-bd8e-a20205159fb9%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ae4b42bd391840af856b4b83e5d5e34b&ssp=insticator&bsw_param=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ex.ingage.tech/v1/sync/bidswitch/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 413
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D HTTP 302
  • https://ex.ingage.tech/v1/sync/amx/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=eefe903e-f547-4e12-b160-93eb795c363e&gdpr=0
Request Chain 414
  • https://ex.ingage.tech/v1/syncPage/yahoo?userId=f80a0650-9f32-4810-a791-ad2eb56e62d3&to=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58602%2Focc HTTP 302
  • https://ups.analytics.yahoo.com/ups/58602/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58602/occ?verify=true HTTP 302
  • https://ex.ingage.tech/v1/syncPage/yahoo?uid=y-aoUABRxE2uE7SvKRMbdozmhrgSqpLXP_6NiOX1M-~A HTTP 302
  • https://ex.ingage.tech/v1/sync/yahoo/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=y-aoUABRxE2uE7SvKRMbdozmhrgSqpLXP_6NiOX1M-~A
Request Chain 419
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D16c709670005682a HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Request Chain 420
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D16c709670005682a%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=16c709670005682a&uid=4561750498577447606
Request Chain 424
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=dd6f97d6-002e-46f5-ba40-ab50e5822bd9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Request Chain 426
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b8eb005d-f98a-429e-9a28-2eca98b7a02c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Request Chain 430
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=660265f8-7c2e-45f1-9e66-2f0d66fb8da9&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 431
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=90028394726646917450871788997285788326&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Request Chain 433
  • https://bn01.er.bemail.it/zeotap.php?_bid=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022040500-27977-0.216226001649111621-6dacf9bac3d1baf0ff8c0a5f482a0f9c&zdid=533&env=mWeb
Request Chain 434
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7082880565563226266&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Request Chain 435
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2
Request Chain 436
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361&bounce=1&random=115341189 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=pbqzVOhQrmZbf9vbFBoz2e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Request Chain 438
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=fb9d6148be821578bfae6bf32c420898&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Request Chain 439
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-YWCkir5E2opqsiLzi74rMvUBTWvm.nO3oQ--~A&zpartnerid=570&env=mWeb
Request Chain 440
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5BYANHpBhdxrKdY8ddfrYbG9vqsuQsRd%2BS41iYitP1U%3D
Request Chain 443
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YktyVgASWkuzKABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Request Chain 444
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a531624b-725a-4c00-918c-7e97be19413b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Request Chain 445
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Request Chain 446
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361&dcc=t
Request Chain 448
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Request Chain 452
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3527854499195768663
Request Chain 454
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f035df18-8a5b-4be0-ab93-b3510091b5b2
Request Chain 456
  • https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YktyVpZBRnjg0Bbiom4IrAAA%261158&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YktyVpZBRnjg0Bbiom4IrAAA%261158&gdpr=1&gdpr_consent=&us_privacy=&ct=y
Request Chain 457
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vVRBRK0NT2xMwyPpKSCS_MEbDiw
Request Chain 459
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 465
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a6d1eea6-c987-4a3f-ad57-d462b8d19818?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JE6fw6VE2oWSv3QPTP3rbx8eB.v9BHKHOWuKcP0-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=b8eb005d-f98a-429e-9a28-2eca98b7a02c HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a6d1eea6-c987-4a3f-ad57-d462b8d19818?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JE6fw6VE2oWSv3QPTP3rbx8eB.v9BHKHOWuKcP0-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=b8eb005d-f98a-429e-9a28-2eca98b7a02c HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a6d1eea6-c987-4a3f-ad57-d462b8d19818&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=8fa858c4-3ead-4827-bd8e-a20205159fb9&google_hm=OGZhODU4YzQtM2VhZC00ODI3LWJkOGUtYTIwMjA1MTU5ZmI5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEI-zOwS52Ky4853t4SjDikI&google_cver=1&ssp=ucfunnel&bsw_param=8fa858c4-3ead-4827-bd8e-a20205159fb9 HTTP 302
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=8fa858c4-3ead-4827-bd8e-a20205159fb9 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=b8eb005d-f98a-429e-9a28-2eca98b7a02c HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a6d1eea6-c987-4a3f-ad57-d462b8d19818&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8fa858c4-3ead-4827-bd8e-a20205159fb9&ssp=ucfunnel&gdpr=0&gdpr_consent=
Request Chain 467
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 469
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=30e7624b-7259-4d00-bf87-79838231cfba&gdpr=1&gdpr_consent=
Request Chain 470
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649198041&gdpr=1
Request Chain 471
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=V3N2_VZzd6ZMJCf5UXdvrlF5IP5Mcyf-WXHZ-WJf
Request Chain 474
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB&dcc=t
Request Chain 475
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 476
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 478
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3D438f8644-d869-422d-69ee-936ab5554f2d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=438f8644-d869-422d-69ee-936ab5554f2d&zdid=1361
Request Chain 482
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A1295F5F-02C9-4604-9366-45002358F767 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A1295F5F-02C9-4604-9366-45002358F767
Request Chain 483
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8031219224026110045
Request Chain 484
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:49d7624b-7259-4600-b959-966676ca4e53&gdpr=0&gdpr_consent=
Request Chain 486
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7082880565563226266
Request Chain 487
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YktyVgASWkuzKABH&gdpr=0&gdpr_consent=
Request Chain 488
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 489
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDRFJFN0VsdVVBQURXZjJQWk1zUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACDRE7EluUAADWf2PZMsQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACDRE7EluUAADWf2PZMsQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACDRE7EluUAADWf2PZMsQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 490
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=upkfSp34RpVekGFYlSdXh8EbDiw
Request Chain 491
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 493
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=L0pbRrn6WoIdFjOqnO0wYl7K
Request Chain 496
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1649111641991 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 497
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e13032f3-b54a-4bfc-9747-64898995a261-tuct944f7d9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 498
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oSlfXwLJRgSTZkUAI1j3Zw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 499
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3797624b-7259-4900-8fa6-ad428780ffac
Request Chain 500
  • https://pixel.onaudience.com/?partner=214&mapped=A1295F5F-02C9-4604-9366-45002358F767 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9c9ca445f1781765/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=fb9d6148be821578bfae6bf32c420898&gdpr=1 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=9c9ca445f1781765
Request Chain 501
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTEyOTVGNUYtMDJDOS00NjA0LTkzNjYtNDUwMDIzNThGNzY3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 502
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP6bgdj8lpnAkCt_8k4RpVg&google_cver=1
Request Chain 504
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2850510323904849933
Request Chain 505
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b8eb005d-f98a-429e-9a28-2eca98b7a02c
Request Chain 506
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4561750498577447606&gdpr=0&gdpr_consent=
Request Chain 507
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mRltB5gZbFyCTj9VnE50VZ0fa1OCHmtWmkjjryib
Request Chain 509
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A1295F5F-02C9-4604-9366-45002358F767&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jn0INtBE2uVUwxHpclgMY8CrDXhRBq0-~A&gdpr=0&gdpr_consent=
Request Chain 510
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5ed663ea-5abe-48df-880d-c778755a7e6a&expires=1&user_group=5&ssp=pubmatic&bsw_param=8fa858c4-3ead-4827-bd8e-a20205159fb9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 511
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:10650246-0073-4cdf-9532-df8e0198ae1c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 513
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3527854499195768663&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 514
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4561750498577447606
Request Chain 528
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=i8iUHl2WaFrQEaNZwn15KSX5g&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=i8iUHl2WaFrQEaNZwn15KSX5g&gdpr=0&gdpr_consent=&google_gid=CAESEKOMSxdoBTQJwhu3v-_izEw&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 529
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4878786587521698097 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=i8iUHl2WaFrQEaNZwn15KSX5g&gdpr=0&gdpr_consent=
Request Chain 534
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID} HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=e1dc98df-a0a4-40e0-b408-39c25eff58bc
Request Chain 537
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RMGDpqcX1NBvgU5&gdpr=0&gdpr_consent=
Request Chain 538
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2EF48AF89C9F4EFB80BC582F12D1AA59
Request Chain 539
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A1295F5F-02C9-4604-9366-45002358F767&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A1295F5F-02C9-4604-9366-45002358F767&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A1295F5F-02C9-4604-9366-45002358F767&addseg=19,36,42
Request Chain 540
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A1295F5F-02C9-4604-9366-45002358F767&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A1295F5F-02C9-4604-9366-45002358F767&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 542
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A1295F5F-02C9-4604-9366-45002358F767 HTTP 302
  • https://a.audrte.com/p
Request Chain 544
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=555975eb-b467-11ec-8565-0101009ce73f&gdpr=0&gdpr_consent=
Request Chain 573
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/fb9d6148be821578bfae6bf32c420898/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3527854499195768663/gdpr=1
Request Chain 576
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=fb9d6148be821578bfae6bf32c420898&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=dd6f97d6-002e-46f5-ba40-ab50e5822bd9
Request Chain 579
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A1295F5F-02C9-4604-9366-45002358F767

566 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/ 		184 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863fc3c532c55a73bf3c8745a700ac31ed9a44b4cc77fd59f8f5f9fe5c026e5d

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-railgun
direct (starting new WAN connection)
cf-ray
6f6d822128a9f923-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 22:33:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://thetruedefender.com/wp-json/>; rel="https://api.w.org/", <https://thetruedefender.com/wp-json/wp/v2/posts/51271>; rel="alternate"; type="application/json", <https://thetruedefender.com/?p=51271>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAFC70ugzRiqPK3WhDCWzglcmeqPBmSi5tR0ESJDpU8Csr5WLUrR%2BR3BTNLj%2Bcx7KYqrcLaEOH1xAhP40eStPE5MRpQlub97a7fyiRpizJZw%2B4WFXInUJ6aBDYKKkKQ00g6DNBIV2nniYBWhI4XBnp0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-pingback
https://thetruedefender.com/xmlrpc.php
this.png
thetruedefender.com/wp-content/uploads/2021/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thetruedefender.com/wp-content/uploads/2021/01/this.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4928
cf-polished
origSize=21749
content-length
19502
last-modified
Tue, 05 Jan 2021 23:49:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3sZwvcPGz4WTzqEgkZIkANEF5DP5pmcWswN7frehxea219OoZWRLDuaB0omKpHg%2FKZ8lsv89MuJmIMScKl6axLDf3wSvb1mUFUpR7ASbMDE4yisfLX9AdtJ6krAvDMFkMZexU4NQS0TXt5ziHQRgYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f6d82270e7af923-MXP
cf-bgj
imgq:100,h2pri
Untitled-34.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2022/04/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2022/04/Untitled-34.png?resize=613%2C358&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3c086a6d21a6d4accb512b7fe4800280f35574845cbd9eb4ca151814e04f59ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Apr 2022 22:33:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 15:04:32 GMT
server
nginx
etag
"b510d01950f5ae41"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/04/Untitled-34.png>; rel="canonical"
content-length
79186
expires
Thu, 04 Apr 2024 03:04:32 GMT
tielabs-fonticon.woff
thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4928
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvUJq0CtphzB2n3S5ygZaZy2JRCDMnIm4YH3W6cRhNeEmdft3oQPVvnmmiwkFKYEKRvSaK4s3UMq%2BYyxfG5kROt4A3JVwTczfufDnyVCQyr1AmauZY8CMmMDuqUwCS0Tyux6s3JfHDUTwLQ5NS%2B6TPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82270e7ff923-MXP
fa-solid-900.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4926
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zd5YdTZm8JksyPP%2FKGPQvQcVj78dRrHyJU36VVx2TurjWN8fzRZjJR4n6GoGyrYe%2BvoB3K%2Bq3UANHkhUTX0kqanLEC9P6TLgJoCKoW0XrHXG4hGy7ngOQ9fDAfbF6%2F4pNS7nj75z0YpHzhx5tpq%2F6I0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82270e82f923-MXP
fa-brands-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4925
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceKqSZSQ9%2FeoMJOnXLnjPI9rlX%2BfJO%2BkzBhCEkj1%2FokytsgaR146VQSYdcfeD%2FltT%2BNa%2BN19OMSmByDZvuzElLrQQQJT30zifypqD5Y8sPB%2FJIEdeqZzFHwAdfPPVmSgx6MZTKH9oTSx5uT53MR9IaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82270e87f923-MXP
fa-regular-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4925
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIvn%2FjBaxeFuG3zc3GU2%2FyKdgjpunPGGCy5hhLEReS9JO7FexgtVE%2FLv3JAodWmFnc4x5z9R6%2B5jOL9%2BZebFV3arOxV9GksOXITOHMxbEb3KondXixHJhP2bFoCjJBoXryRRmQbsu%2B5ehDLL7Iezcvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82270e88f923-MXP
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186892928-1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b9a0d5329c389e193ed2fae53565c29490424a21402dfd02b35878841d932eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38067
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Apr 2022 22:33:55 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.4/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.4/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
base.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4927
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqW9SXzCICkJIFURT4aKYZoHIfBqLwWDHmR7e0ojJNUML9ruFky39yFJDR2g6I46b0qcH43LQABxBpsa1uAne8KroWs5rSJCulC87gv0Fcqk1kETkAe6tMkoJo3YEbM07EPmCIIfFIHlHQhQMVRE3%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82270e8af923-MXP
style.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		171 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4927
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tnea4pjfb3Q%2FQ4nJSpSwu8fnGPbMCwwivp06d17euIUPNsPmOpUXDWsaZcDse3pQd1blrrqNe3WnkS3T2CLKgOj8D34q5EV82dRCaveiPdjt0QB%2FZJgzzpXjRsxStZQJK6wPjMNk9D8fdT0raoZKzuA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82270e8bf923-MXP
widgets.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4927
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHCkbhlEwgNsqBqUeUNYzpaKo4a4iUSS3NxpaiZt9XnEazZtDIlmSHIgwldebrixFHOr9CGFxWuMvKIwOGwVeh3R4LRre%2FzWHZcJf%2B9pezJ81g%2FR3bayo2ftsrbSGnHjO9xUJpDFVbnNPC72%2FzDph4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82270e8cf923-MXP
helpers.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4927
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19oxcE%2BLrMCMmd8vQbiUGpchHtA1J6e4VjsWTGUFpBsmkBtMN7dtj3wfw8UGTqZhnSAj43Q7B4VkycWrO7RhXfk7OmJp4pftKY5ZFLbB%2BFD1OgigipIzXgUrplvUB0bWxJBAz7mb9L2KPbS%2FdLlsUyA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82270e8ef923-MXP
fontawesome.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4927
cf-polished
origSize=58662
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1dTct5H4WKenGYrgAKIBFbW8%2B6s0pHaFeIsVEEOprkA5xuxTnw1hxk9JjwISTVOUHdB8rUYA4kfES4zqAx%2Fcba8Ow3%2Blc08NWzefzOMQI0pl4VcXe5h8G55jNo6VQgKEW7XgBZMmxSreUps4AKonlo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82270e90f923-MXP
cf-bgj
minify
skin.css
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4927
cf-polished
origSize=12018
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZPQ2M4Y50M92GzTEF7LpqzVcEEQkx8yERsbuuW7eP77IINS4Wa9%2FevqZPE4Sibq%2B%2Fdp5K%2FzYG%2BDA5ZyWvmgFrnil%2FFsD914f6bkl8GC0WKTkj01CSoCM5AMhS0D%2FbH0cv1QIDMKnYHiOyi4XHx%2BI8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82272eb9f923-MXP
cf-bgj
minify
shortcodes.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4926
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsnoKCmF7zy9E9DfVfAhNAOBvYmRGj%2BKhTxCQhArc4CSZSQhH01Mv7Y%2BpBO%2FqRJqGrQh7kp3JhDUctTTjzlnj1wIUw%2B0PueSxgxnbeH%2B18iPPWm0dnM7MpTyTAznvcc%2Bvi1pgnUUyspLWNP8XWltwno%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82272ebbf923-MXP
single.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4926
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VBs6fPLjcH6N0CszmDyLalYeter6j3vSGcBdM0XBxFCPlntFx929BTJveSXvDCF0piMn4hJi8EjnxZmqnn0eOnM%2FJKkkXikJ5RqMQLfqfK7fGZC%2FNuDGXJ5X3uLrTFWoiujcBFdq5dGi%2BAKcsL7mfM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82272ebdf923-MXP
wp-emoji-release.min.js
thetruedefender.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.4
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 12:55:33 GMT
server
cloudflare
age
4176
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FFE%2FxpKLBQhWI8fOGhj51ZexB6VAXBRQFuVrF9cS8rV7bywvszBs%2B4kd0vxleevVfC%2BdMy%2FsZimXzBqIcEsmt1sm9BYz9daMAJ1zCm4waLwA839zDm%2F0By0H7EVtonMMmHuQ5TUQzOCRoMKmBzmlys%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82281f9bf923-MXP
print.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		2 KB
936 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/print.css?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4919
cf-polished
origSize=2175
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ye2HRaJ2BqJ9GAEja1glpWsEsPBz7%2B4Mjb1C9p5Wl%2BlnfvKz7WqyckoTTci3pakc7rHW%2FhJpTZu4iLTT841Fc1DwC%2BqiuIUmNiVcewdGNrW%2Fp1r6BjURYEmI2AEeSEMtYfBnyc2LXZ%2BJu6muPRV1nZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82284fc1f923-MXP
cf-bgj
minify
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186892928-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1749
date
Mon, 04 Apr 2022 22:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 00:04:46 GMT
jetpack.css
c0.wp.com/p/jetpack/10.3/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/css/jetpack.css
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Tue, 28 Sep 2021 19:34:54 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
frontend-gtag.min.js
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.2.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed748eabea3237e3fa0cac6fb04d0b8e64f937cf5a717105ed3dc1f3c6e0e20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:18 GMT
server
cloudflare
age
2654
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1tNU%2B7aC8Dks3k7pibD8CAUEcypdPuXOyppWWiEzNxyPGRpRHePV%2Bl6SoNPHEJxs6pKoSd6W14DFlStjdrZeJ7hxb1gqecxjeUCTdB9mk%2Fsb8w5ZJFsnkdI8YcnLV6%2FFzm2ZLv8sB1F9BkcV6IVKRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d8228a81bf923-MXP
jquery.min.js
c0.wp.com/c/5.8.4/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/jquery/jquery.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.4/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
frontend.js
thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/ 		439 B
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/frontend.js?ver=1.2.4
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:16 GMT
server
cloudflare
age
4176
cf-polished
origSize=1539
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Fv58wjf8ijJGTwxzTMIUx3UkdiHiV1uatm5rHaUbr8LemfQmLlkOJWq85VHN5DodjSaRfHzAzrhcvVL3YoH1uAvMiF1UPBWISr6XwfRrsEX%2BANg%2BQtvKm5wwubLm6TdVYT1BMVDZ7xuXLA1Wv%2F4b9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d8228a81cf923-MXP
cf-bgj
minify
jquery.form.min.js
c0.wp.com/c/5.8.4/wp-includes/js/jquery/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/jquery/jquery.form.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:53:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
just-contact-form-ajax-script.js
thetruedefender.com/wp-content/plugins/just-contact-form/js/ 		388 B
502 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/just-contact-form/js/just-contact-form-ajax-script.js?ver=5.8.4
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 22 Nov 2020 12:53:32 GMT
server
cloudflare
age
4176
cf-polished
origSize=463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww1xT05TyANYLH6GF8T9M5ExcN2qoIq6Q0Lzc3E76cspL9P5G3KN07wKCh%2B%2FC2QUGlRLGV7hQr6ppqwttvclJgtmb68DA36AH7ZQ9X3K3PpurFIoWLcAnh8KJqvsx1PeW3exkJP3kuvWKbHzRDydPZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d8228a81ef923-MXP
cf-bgj
minify
/
users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/ 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:264e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e6043999a1ec95206f0f922357e70d544fa9da191a363fa267372605977fe001

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
1269
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
cloudflare
etag
W/"58755-VY4lyG9IlRYDKL29v8Xdbk2V3h0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
x-cloud-trace-context
aa1d9094afd34a064931ad1678cf1baf
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
cf-ray
6f6d822958fa01df-ZRH
x-amz-cf-id
b3xSHCICCdkx4-2q-hORK0VxbktxPESkbsKqMekcUKeuDn9gey-HoQ==
bb28d960-28c3-46bc-ac88-49bbb3388212.js
product.instiengage.com/product-loader-code/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/product-loader-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2c00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc7421be3d8be848703191314fe053532fb8736678ba596cc9a505a0a54720f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
J4ttIhDyztUzzV6u36gP3oxBJ9.3sR7O
content-encoding
br
last-modified
Tue, 29 Mar 2022 03:18:06 GMT
server
AmazonS3
age
2122
etag
W/"6b2693b0f0f95b246bf4fa0fa60b0bf5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Mon, 04 Apr 2022 22:00:04 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
tbDyVUtpZIO55Rkuu6iuQSVnDdS0PXgqiNSSba2y799C_FGFLoLuZA==
f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
cmp.optad360.io/items/ 		2 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6400:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:24:31 GMT
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
last-modified
Thu, 28 Oct 2021 09:48:14 GMT
server
AmazonS3
age
565
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
2
x-amz-cf-id
YksBjlGb73ZpWuxoD0RwvFp7dneKEXOOfW0gk7YYUylAagULxfgaHQ==
plugin.min.js
get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/ 		2 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:5000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 21:53:41 GMT
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 08:34:55 GMT
server
AmazonS3
age
2415
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
2
x-amz-cf-id
xcAQNp75PDMjZOv6SDLUopNwcN7OAucnvMPnOH0frUTdpz2B70k_Ug==
lightbox_inline.js
www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox_inline.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3372afc57b6c3cbc817b01d0aa4690b372cb55c6021266048ebef5141fd87b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
AIuCN8rPaYWiXdzPPd1cEA==
age
108
cf-polished
origSize=2379
x-ms-lease-status
unlocked
last-modified
Mon, 14 Mar 2022 21:09:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
eade3efa-901e-000c-11e8-37f6c1000000
x-ms-version
2009-09-19
cf-ray
6f6d822948a90208-ZRH
cf-bgj
minify
thetruedefender.com.1229464.js
jsc.mgid.com/t/h/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229464.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d343914b0f12c2a1adcc93428cc4945c9d01d2eee000642b38ca5c22fd1501

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
age
3800
last-modified
Thu, 31 Mar 2022 13:03:33 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
Q6RC1YMJ347BGY4H
x-amz-id-2
50SYXJ6L7EqWt7OgmvdnoGaz8hDT3HEFUvKuPH0oaDN62jSP+Kw/HcTKxKn834gEqZbgrahnN6k=
cf-bgj
minify
server
cloudflare
etag
W/"09cb95f4506099235b355eb65af5a4f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f6d82293a729bb2-FRA
expires
Tue, 05 Apr 2022 01:33:55 GMT
thetruedefender.com.1229463.js
jsc.mgid.com/t/h/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229463.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33691f2272bc468aed5a87b2e74f92e195d31077061595017f06137064a3fe0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
age
4879
last-modified
Mon, 04 Apr 2022 21:12:04 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
V2GWC1MDB3YSXNJ0
x-amz-id-2
32Qce4ffqUfpqo3ungBTl08MXOVNvKKv0f05ihri+sw+2m585TQZ0XOIbYfmsVftLpSxKWqUJOo=
cf-bgj
minify
server
cloudflare
etag
W/"a574830018e761e752299157cc82b874"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f6d82293a749bb2-FRA
expires
Tue, 05 Apr 2022 01:33:55 GMT
email-decode.min.js
thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Mar 2022 11:29:35 GMT
server
cloudflare
etag
W/"623c561f-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2cXUmRvCLXwpG58mnBrWqt051OTF3KqIg9bNR9U32BNVaAUD6FEXxJVBPsdBZy%2F78C0L8AOISFipIeJax3xf2IhhxgAULOgcYh9WO%2Fdc5MnUdHT4Q7eVcN0SFogaVLuhWPNBd360Sm7MMr94ZP95qc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d8229086af923-MXP
vary
Accept-Encoding
expires
Wed, 06 Apr 2022 22:33:55 GMT
300x250x2.jpeg
thetruedefender.com/wp-content/uploads/2022/03/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thetruedefender.com/wp-content/uploads/2022/03/300x250x2.jpeg
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff5f0e1d70317e19a8a5e44c239fb411011db6a8667c0abf8b0a2be9370ba80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4920
cf-polished
origSize=18819
content-length
17750
last-modified
Tue, 15 Mar 2022 13:42:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18U2kEe43ZkFKNUToSjzfwnYumVxaQ7KynF8kxssFGsgRSncQ6ELG46LVbsR5rq925mWcSQ%2BNiWklUCFjCK789UJbElC96ot3Ex%2FejSQt8CHSPp0QBJDDuPEugqaWTebp66P%2FXa%2FHsq1klApM869xf0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f6d822928a2f923-MXP
cf-bgj
imgq:100,h2pri
thetruedefender.com.1229983.js
jsc.mgid.com/t/h/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229983.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b07d4df6a5cdfbafda3066f6884fa9d7b141897e39a5f72efd40742762624eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
age
3800
last-modified
Thu, 31 Mar 2022 13:07:08 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
Q6RCGV36WMH5W8YH
x-amz-id-2
u1/XHkTmf457B/B/bU9TeYiIluKw+bsghpdBD/YsOOik7eCuTTeoUnlJOskh3MIPr3IfNpLDS98=
cf-bgj
minify
server
cloudflare
etag
W/"225331f347af5d8cd3f25f36545eba81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f6d82293a759bb2-FRA
expires
Tue, 05 Apr 2022 01:33:55 GMT
160x600x6.png
thetruedefender.com/wp-content/uploads/2022/03/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thetruedefender.com/wp-content/uploads/2022/03/160x600x6.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b125c2e7291fba7e7954efe2085e4b7d7ab9a2000e39db8a9e720364c360431

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4175
cf-polished
origSize=22415
content-length
22391
last-modified
Tue, 15 Mar 2022 13:45:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOW64s%2F1z6POEM7vwdU6yesYSyrEmFtSgBp2sEIU891XVF79YUth2DVWXWt1Z1%2FqZt9Jw9dunUK5HYPE%2BHbAg%2Btpg3BuCelw%2BXkiZIFuSTXX9Jpw3itwf0fpu7enldZ7xXdrFLnQ%2FD%2Bou1M4u4SyfNo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f6d822928a3f923-MXP
cf-bgj
imgq:100,h2pri
thetruedefender_thetruedefender_sticky.js
cdn1.lockerdomecdn.com/embeds/ 		1020 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:f400:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
5SJgwcOSQVDADRfSedXeHumqp.bTbaay
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 16:39:44 GMT
server
AmazonS3
age
65469
etag
"5bc9056f1e2006913082934b4e7f8720"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 04 Apr 2022 04:48:10 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
1020
x-amz-cf-id
ICvQ2qKTX-8jjlVaoebSdNuNwzkC3qUhhrETTaOjBK2eyfijjQLh8A==
frontend.min.css
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=7.2.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:18 GMT
server
cloudflare
age
2654
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLF5O81F02xmg1qt%2BrRqsnV2KYOovA5atx2v6AZBtFJt6nc%2Bb4oFyaprHfRerVjKXCsQGcOaEyu%2F6yTZSMyfBJ%2FwCMTThwipZeneHzHx5rn%2FOgaLZJ2mBa2YiTEQ7YkPQK6ANDDne0seMcDQ40RagFY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d8229086bf923-MXP
photon.min.js
c0.wp.com/p/jetpack/10.3/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/_inc/build/photon/photon.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js
clientcdn.pushengage.com/core/ 		91 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/core/6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js?ver=5.8.4
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-34.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
05ecb098b0380cf751745d81f0c9aa3786e56c2f6bb1275a9e05ab894e3c087c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:42 GMT
content-encoding
gzip
server
nginx
age
13
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=120
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
OO7xlkJTlNfHMDA1Ub6KWrjVw_gC7I7IcUBJ-_h6L0THUmOlrSf5Ug==
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
regenerator-runtime.min.js
c0.wp.com/c/5.8.4/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Wed, 23 Jun 2021 00:06:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
wp-polyfill.min.js
c0.wp.com/c/5.8.4/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Mon, 14 Jun 2021 23:18:11 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
hooks.min.js
c0.wp.com/c/5.8.4/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/dist/hooks.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 00:17:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
i18n.min.js
c0.wp.com/c/5.8.4/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/dist/i18n.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 00:17:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
jp-search-main.bundle.min.js
c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5eaddb09f331de307e587736737c57d129e68160aa2f6bab695635d054155ec2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Tue, 26 Oct 2021 14:48:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
w.js
stats.wp.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/w.js?ver=202214
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
server
nginx
etag
W/"61dc645f-2a3d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 03 Apr 2023 19:30:29 GMT
intersection-observer.js
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
4176
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLgHsHrKYErQ95y20J55NKKPp2aVksvJ5PE1RoSlmLEclZgawODqyNnMlEXl%2FKuWpScl9JvNfkvVlBdekgUnfBq8RyTKrv29YmUdNQNn9xk4KDVXvX%2Fr9vtmYp7uMGKzbgclHCZh%2B1yLM2U44%2F0A%2FJI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d8229288cf923-MXP
cf-bgj
minify
lazy-images.js
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
4176
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riwHEaMwryGQj2LyRFnsXQNtq7XfwKSNbs5uyXWPe7RC1HuNp7We4u9N%2FTzyqDFiFCfB0xyPnaFN9eFOKYc2%2FYVjE4b7M6xEoNu1sxB%2FuqSZOv2XG90zwdsyFG%2Bk7LpC%2F%2BVhSg0CGgVW62vuBC6YpkI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d8229288ef923-MXP
cf-bgj
minify
scripts.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4176
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rp1MBkpyKYVaFmWOh8ue51V8d6ZM%2BESWZbG8rK51T1Co3eLYdCrox3RtRKCgfnVLmGbdZu2ReeqCJ7NHKTvI1XoIRIa4cLdcF485Rsyzk16mhC39afwiVT8wtmdNiFozzz%2FY0olba0a7%2FSJACMJ8jQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d8229288ff923-MXP
lightbox.js
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/ 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4176
cf-polished
origSize=81423
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVYrCoLmCk35Rxv4P3pCvLd%2BGxBzidsqWfHbQlkZvGQ76bwLiHsBRGYZsB1kUBPJvKILCxiTw3UbtURdlBZesiT9VcUu%2B8lTtoNpZKMXMr8Z1n7UWjWlvjBBQbGfBs3IXApFijssY11We71mm6Kr1yo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82292892f923-MXP
cf-bgj
minify
sliders.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4176
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64zkW3XFB4xRcOW13jE9ElllWWAAriUhepRqvU7nWCGNZvNrI5TGQ3G%2BChqRexrzefpQkGY0Ip8aE2LD1vpxJTZkTxoc0Kyi7asYZkQc47DLQfqsh29FYQWTWfvm2hWqWMeaAQuueR1msAxA%2FvypUmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82292894f923-MXP
shortcodes.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4176
cf-polished
origSize=11181
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpAhXT44ji8RSoaAmnYLgBDi447ZRtWh9LCVLdLJJknNGK0oLzR%2FWqt0az9HEIY%2FJSSNHgpKr3dXjI3aARWVQts0mhiA6TIFS%2F7WbB82Qt7qW0ZTRBDcvm%2F1jt738I1FWtXPggCZced%2FkDsYhOcZGjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82292895f923-MXP
cf-bgj
minify
desktop.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4176
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLpjPgnkk%2FY1zjt%2FnEUjlKVbeloxcHbom2jc%2BSxNfgLGMedAzmGh8fggSWL9H49tEuDmAHkymVGgk9U6b03QbSWsqOhcG8CZdY1ytM%2B8AuE57s%2Fj0JFli64s0Dd%2BLohY3NJS%2BVyHvrHNj1oCtoBTZNs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82292897f923-MXP
live-search.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4176
cf-polished
origSize=14601
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwQBQRe%2F8ttSIGU8%2FcwvAMep2VfWHNnYP%2BoDr0k8z2uqh8gpAxigTc%2FgNTBCWYMvyB9yPMKewqNOpJgVMSCmwuhyE%2BrPwcLPH1FsrIk%2Fhmu6vCrTYf2D273zn%2BeEmmSKW6owdJcCO9bJ16yr31do%2BE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d82292899f923-MXP
cf-bgj
minify
single.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4176
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCkQz8QIQX1XyNgAvBX62%2BjZkvxv%2FN3FBUrhZWOKZ3Bg5%2FCGlDshPxdneWVj1pegA%2B7GtzngCX%2F3zvNp5fJZluqU5Ozlzn2bzVQ1VndO0EDnGaTXCQjk2LyaXN%2BvUtP5lqozIsT6wa7pIg5p%2BW73h1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d8229289cf923-MXP
comment-reply.min.js
c0.wp.com/c/5.8.4/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/comment-reply.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
wp-embed.min.js
c0.wp.com/c/5.8.4/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/wp-embed.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Apr 2023 22:33:55 GMT
br-news.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:56:49 GMT
server
cloudflare
age
4176
cf-polished
origSize=5594
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kv54J50ltRupzZlQSNinWR1Eo9NaTbfPIuPTTrZ96RQkWCJE8uCUu%2FGVHJD1lNGSyNyUyD9YPThp%2BzlJIzfweh%2FPFIG4P1g9iM4ERD%2Bm4A%2FuWArBRh8dzROjzM9%2BgKFLMdNIwyIUaEzAvqP7Kh3K49M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d822928a1f923-MXP
cf-bgj
minify
e-202214.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202214.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 27 Mar 2023 05:14:24 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 21:58:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Apr 2022 22:58:50 GMT
bb28d960-28c3-46bc-ac88-49bbb3388212.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		140 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4e00:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74248e123d313a91788febd533fe7c81970a7b9a145cdaf6a71c3ab27fd62a77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
PwVLbwb.23vfZrgpZo5dqy.U31LmU34i
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 14:26:24 GMT
server
AmazonS3
age
39
etag
W/"dedc0afd6154d48d3081ee6e2128bdce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Mon, 04 Apr 2022 22:33:42 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
qp6DP1QD4gQZrBiLZB_f_-yzIsdD5XpbsxxVPDi4P1h6NZ4jCv3eNQ==
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/gif
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:4600:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 11:32:48 GMT
content-encoding
gzip
last-modified
Fri, 01 Apr 2022 22:00:18 GMT
age
39667
etag
W/"14de-17fe724b98d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
XVbnJlQmErOeH9GoTqSPbEYKFQkE4wnIbiolf5pTQNrewim88uYjpQ==
/
rumble.com/embed/vrzg9l/ Frame 6323 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rumble.com/embed/vrzg9l/?pub=4
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.40.3ba9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
106e00f12d7d9f23a00ea0db58be0a367eba9607194181af2c0e86117d0ac2f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 22:33:55 GMT
link
<https://rumble.com/vulmc3-angelina-jolie-admits-to-participating-in-satanic-rituals..html>; rel="canonical"
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
vary
Accept-Encoding
Untitled-33.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2022/04/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2022/04/Untitled-33.png?resize=390%2C220&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
c1b5edcb4325a1e9825a3dfeda051c8e5fbd285eaaf3475c597eb04eab23cff9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Apr 2022 22:33:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 18:52:39 GMT
server
nginx
etag
"7ed91780f177e6a5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/04/Untitled-33.png>; rel="canonical"
content-length
51028
expires
Thu, 04 Apr 2024 06:52:39 GMT
Untitled-35.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2022/04/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2022/04/Untitled-35.png?resize=390%2C220&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
9f090a586c1218b4e90fa8717695844297f6284439071c8688e0db1e5062c03e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Apr 2022 22:33:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 15:42:52 GMT
server
nginx
etag
"c99aa141d6460b46"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/04/Untitled-35.png>; rel="canonical"
content-length
71030
expires
Thu, 04 Apr 2024 03:42:52 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1011984955&t=pageview&_s=1&dl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&ul=en-us&de=UTF-8&dt=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=1105849224&gjid=1882337296&cid=887997127.1649111635&tid=UA-186892928-1&_gid=353712049.1649111635&_r=1&gtm=2ou3u0&did=dNDMyYj&gdid=dNDMyYj&z=225055249
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.449164458449002
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Apr 2022 22:33:55 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
thetruedefender.com.1229464.es6.js
jsc.mgid.com/t/h/ 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2efb586384abd3f38091b00ddc5a8686be44da7edd7ea28ec1d0ec4958cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
age
4550
last-modified
Thu, 31 Mar 2022 13:03:33 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0K35ECJ04CC1RQM4
x-amz-id-2
dYuahxxxnm6/S2kSzfn8tbY9b3MvdICGNS0ueiKA643WOOIgGYPpqGpLAJewmpyFoWdlv6YyoBg=
cf-bgj
minify
server
cloudflare
etag
W/"00eefafc3c6891d88435bff7b9d4b4d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f6d8229edb0693a-FRA
expires
Tue, 05 Apr 2022 01:33:55 GMT
thetruedefender.com.1229983.es6.js
jsc.mgid.com/t/h/ 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229983.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229983.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e7ede5239908c5fcbd6de89b4825812d26371ec318f93f458024e7250582be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
age
4550
last-modified
Thu, 31 Mar 2022 13:07:08 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
0K37CSFVY10M1NQF
x-amz-id-2
anVh2UivOpyWn8bTojXxN5Bf8Zo+jEdezWZ3FIGMcXV1btaCJwCkN9B/c6ABaSjglr65flskG/U=
cf-bgj
minify
server
cloudflare
etag
W/"6f21fdffe06fe6ed5863ea53b642d6ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f6d8229edad693a-FRA
expires
Tue, 05 Apr 2022 01:33:55 GMT
thetruedefender.com.1229463.es6.js
jsc.mgid.com/t/h/ 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abe42187e43a02b8f2b80b04583ffbf215b2b39dd605df9fcb2bdc0508be91ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
age
4895
last-modified
Mon, 04 Apr 2022 21:12:04 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B5AWTTBRYZ1W4DE4
x-amz-id-2
C3lEmroJ4EZW92y6g5h3l5KSlUU65EAWKuRCWsIsZGjlclvz1CDItBMiLBNO7glopHvt6FjoALM=
cf-bgj
minify
server
cloudflare
etag
W/"a989d9c10778f3b1de33997f24d7188a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6f6d8229edb1693a-FRA
expires
Tue, 05 Apr 2022 01:33:55 GMT
mgWidget_1.11.89.es6.js
cdn.mgid.com/js/wglibs/ 		320 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mgid.com/js/wglibs/mgWidget_1.11.89.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5f7527112a0fa7229a14a053ffb3e93f902baa4497b8dc60e60f6683118326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
age
2299
last-modified
Tue, 29 Mar 2022 11:17:47 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
7C4H27HMZ6VF6F9F
x-amz-id-2
nVOZ4Nd2SoexVdhOrRzZ2iVXZ7iUpZDEosCJJuYMvk7Fl9Lit7ZgeAK0RaXzGg7wfsPAThRbwIw=
cf-bgj
minify
server
cloudflare
etag
W/"c97fe92d8fab27b4b4a2a7424f873aa9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
6f6d8229db959bb2-FRA
expires
Tue, 05 Apr 2022 22:33:55 GMT
sjs.js
cdn1.lockerdomecdn.com/embeds/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/sjs.js
Requested by
Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:f400:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4cc6696aa07f6d30c40b78120630256a4dc0253fa916d6f8662874c52c31bfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
JlrJxrw4PUHBe5vaYNP.8A_1stk_uR92
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified
Tue, 16 Nov 2021 02:51:44 GMT
server
AmazonS3
age
71082
etag
"1be285356b5d9ac3d0319cc622757910"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 04 Apr 2022 02:52:15 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
17333
x-amz-cf-id
HjdY0CezOism-pi2nkLF-mpbJr5aCfg4kdvVSTWaoEADbncsbXdLTw==
/
geoip.instiengage.com/json/ 		240 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/product-loader-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
4f1c901b02ff5cc2f49aa931b1bec9610f5cab6481c15fcef1fa353d4005eef0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:55 GMT
access-control-allow-credentials
true
x-database-date
Mon, 04 Apr 2022 02:42:26 GMT
content-length
240
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame 693C 		73 B
435 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/product-loader-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2c00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
42
content-length
73
content-type
text/html
date
Mon, 04 Apr 2022 22:33:14 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
server
AmazonS3
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
x-amz-cf-id
93OCvzcCmBspgQinZNSj02PPQ_iUbobZn74ad3mliKeQpBiYDrveRA==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
x-cache
Hit from cloudfront
lightbox.js
www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/ Frame A03C 		326 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox.js?mb=1649111634834&lv=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dea6c93bbc5eb2ca724555eeccb47056becfdc84687400f28d38154a2ebc5fb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Apr 2022 22:18:16 GMT
server
cloudflare
age
939
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
6f6d8229f92b0208-ZRH
cf-bgj
minify
g.gif
pixel.wp.com/ 		50 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.3&blog=189343063&post=51271&tz=0&srv=thetruedefender.com&host=thetruedefender.com&ref=&rand=0.3334271092734562
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Apr 2022 22:33:55 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
user_visited_page
telemetries.jeeng.com/api/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.247.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.247.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thetruedefender.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
clear
content-length
0
date
Mon, 04 Apr 2022 22:33:55 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
user_visited_page
telemetries.jeeng.com/api/events/ 		15 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.247.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.247.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
application/json

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
via
1.1 google
etag
W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
x-powered-by
Express
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
clear
content-length
15
jp-search.chunk-270.e200588ee02c9e4e229e.min.js
thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-270.e200588ee02c9e4e229e.min.js
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff033508b8624a0129f8ea258ac6173094026133ce8bc8a33aeb7bddcf7ab33d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
4175
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1%2F0QqviLj0qwREvPZ%2Fp0UEVdet6ZP63oMUmu1msFJBRBcToj7WmBgislVG2P26ia3v%2BPt3MfETBdPOCMd04%2BPK2IKscssToMNHS%2FJmGdTSoH7Y3k%2BIH%2FB46lw5p85FjegRG6pcCMKYlTENILwpWOoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d822a8a35f923-MXP
jp-search.chunk-main-payload.cfde3805b7883db5efb7.min.css
thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/ 		31 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-main-payload.cfde3805b7883db5efb7.min.css
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf59871c87ce926991eb9b430d0ed68972fab10078e539342186fb4986066c6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
4175
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlKPG8yxugoNV7bkxaPA37%2B1cJbbuVhBafmKB9W%2FkX0VfIT6s%2F6Mj3gr19g8qUKaXoDZ8KOx3XW%2Fx0%2F4%2Ft%2FvrJrnv%2BPRXqkkbmcwBc3Yesrxc7rfyr8XTyy6iamLOCdhpbYhIs4qGHyf%2FAQ92XdOzw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d822a8a37f923-MXP
jp-search.chunk-main-payload.885bc75706af563a7288.min.js
thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/ 		69 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-main-payload.885bc75706af563a7288.min.js
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.3/_inc/build/instant-search/jp-search-main.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6eeba7d41a74f215acdecfb35980cdf37fbba10119b999992fb4f79e9cd16e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Nov 2021 22:45:20 GMT
server
cloudflare
age
4175
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtUtsRzFnbdFdAQ2EodbmHNG1LtuPb9W9P9t8I3ARr4IkXHb%2ByneDYyOHfwdbVxadKDFLqfpeP408FFKqi2v8iEeDES1yOAPBulpL95MTs1kQOVdCQqx5BNZyS2qXo%2BLheYM4bI2BrxnOpmgMW2zHEw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f6d822a8a38f923-MXP
bundle.js
auth.instiengage.com/auth/ Frame 693C 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2c00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
z9_dsDhFEXvmKWuBLcY14W3grjGzZbNe
content-encoding
br
last-modified
Fri, 11 Feb 2022 18:07:15 GMT
server
AmazonS3
age
78
etag
W/"9bea1145c763a33ae96eac3f3997743f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:32:37 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
sNcwNEErSvKfD9bc9DrXCufIGz-zsQquvQ8Ra7Qk5iu-u3HtB6jKmg==
entities
users.api.jeeng.com/ 		197 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/entities?description_md5=&domain_id=0Lvxx4MBY1&image_url_encoded_md5=&image_url_md5=&published_at_md5=&read_only=false&sdk_version=5.8&title_md5=&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:264e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
18f838d2d7fcdb0cc2bf11e8c016ec130a027a931c604524b60aafb87c98808c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
age
2772
x-powered-by
Express
x-cache
Hit from cloudfront
content-encoding
gzip
server
cloudflare
etag
W/"c5-LKjNXWSFYlVvRke1b+CuRltIiAo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
ee8725f115cebd02b5d031cc4ca8eaf0
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P1
cf-ray
6f6d822adb0801e7-ZRH
x-amz-cf-id
iNAvMng_JShYADnrXoPdJ72goos-6G1Uhuzb8MG1rtp19WygXWgJWA==
14731549484471654
lockerdome.com/lad/ Frame 5D17 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14731549484471654?pubid=ld-2653-3530&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Length
1376
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Apr 2022 22:33:56 GMT
13997836195017830
lockerdome.com/lad/ Frame 4C7E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Length
1376
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Apr 2022 22:33:56 GMT
14009642120598886
lockerdome.com/lad/ Frame B50B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14009642120598886?pubid=ld-183-4563&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Length
1376
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Apr 2022 22:33:56 GMT
e72a8036daedc055e34e45e4989680b2
secure.gravatar.com/avatar/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/e72a8036daedc055e34e45e4989680b2?s=140&d=mm&r=g
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
028f30bdbf06b77047c332af8464a6d7843dd0afe214b8ebe912482fd84ab460

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 04 Apr 2022 22:33:55 GMT
last-modified
Sun, 14 Feb 2021 20:09:30 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="e72a8036daedc055e34e45e4989680b2.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/e72a8036daedc055e34e45e4989680b2?s=140&d=mm&r=g>; rel="canonical"
content-length
36733
expires
Mon, 04 Apr 2022 22:38:55 GMT
Untitled-34.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2022/04/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2022/04/Untitled-34.png?w=613&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
3c086a6d21a6d4accb512b7fe4800280f35574845cbd9eb4ca151814e04f59ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Apr 2022 22:33:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 18:52:43 GMT
server
nginx
etag
"b82677757bbe126c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/04/Untitled-34.png>; rel="canonical"
content-length
79186
expires
Thu, 04 Apr 2024 06:52:43 GMT
Capture-36.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2022/04/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2022/04/Capture-36.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
07fb5599beabbcde358a65f89854578c707de793733296d5b22dd35677cf2cb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Apr 2022 22:33:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 22:32:38 GMT
server
nginx
etag
"a85bc893f248aa82"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/04/Capture-36.png>; rel="canonical"
content-length
33768
expires
Thu, 04 Apr 2024 10:32:38 GMT
623f6483093c4d00180524ef.webp
i1.wp.com/thetruedefender.com/wp-content/uploads/2022/04/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2022/04/623f6483093c4d00180524ef.webp?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
d3890ac24302a21e7eb190eab6d9cc0df3840c76e722cbd0dbfa8e4d4b78611a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Mon, 04 Apr 2022 22:33:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 22:14:51 GMT
server
nginx
etag
"d2d9cb5df92e15bf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/04/623f6483093c4d00180524ef.webp>; rel="canonical"
content-length
3536
expires
Thu, 04 Apr 2024 10:14:51 GMT
Untitled-40.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2022/04/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2022/04/Untitled-40.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
2096841c3410e85005c5a2a96c400bef02412ec9c73ee35cbc97d80d0279b980
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Mon, 04 Apr 2022 22:33:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 19:11:54 GMT
server
nginx
etag
"590008afeb461431"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/04/Untitled-40.png>; rel="canonical"
content-length
39284
expires
Thu, 04 Apr 2024 07:11:54 GMT
Untitled-39.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2022/04/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2022/04/Untitled-39.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
9feea3fef7e224f01c5e035fa45418845b6113b053523fb2bdfd04fa33d2aed7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Apr 2022 22:33:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 19:11:54 GMT
server
nginx
etag
"7a4ba7af8bc91ebd"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/04/Untitled-39.png>; rel="canonical"
content-length
40386
expires
Thu, 04 Apr 2024 07:11:54 GMT
Untitled-38.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2022/04/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2022/04/Untitled-38.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
65564d9d96dc3284cd96fee47dff1169c6d9fba70f9563884e8272ac02cbf6d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Apr 2022 22:33:55 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 19:11:54 GMT
server
nginx
etag
"e7eef215f6907e3a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2022/04/Untitled-38.png>; rel="canonical"
content-length
35692
expires
Thu, 04 Apr 2024 07:11:54 GMT
/
geoip.insticator.com/json/ 		240 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
4f1c901b02ff5cc2f49aa931b1bec9610f5cab6481c15fcef1fa353d4005eef0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:56 GMT
access-control-allow-credentials
true
x-database-date
Mon, 04 Apr 2022 16:06:38 GMT
content-length
240
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame E281 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=3600
content-encoding
gzip
content-length
2821
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 22:33:55 GMT
etag
549e7cca-645f-4187-b9a4-e302b7c40c45
pragma
max-age=3600
vary
Accept-Encoding,Origin
bb28d960-28c3-46bc-ac88-49bbb3388212.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		282 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:6800:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc67a0da87266fb0a131fadf1c593c71f2c20cc2b4f0263e256e742f36275502

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
9P81xVbGnrnO99RWSI2Y3vlxlC8eCSfF
content-encoding
br
last-modified
Thu, 31 Mar 2022 14:26:13 GMT
server
AmazonS3
age
64063
etag
W/"8ae780b9ee378569d8f8337e2618f9e4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 04:46:12 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
Q3B-NzRb2QS7WO4nEPIH_cZ1Tt2KAmEREMOGZd9eR1L-aetUrIuCqw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		199 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 20:41:28 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-31c24-5db4d56343065"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=27618
accept-ranges
bytes
content-type
text/javascript
content-length
63950
expires
Tue, 05 Apr 2022 06:14:14 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f70f5abc18bf684f6addecfea3e23698643d31a4aed6d1fff2f336097aa1172e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:33:55 GMT
Content-Encoding
gzip
Age
2067
X-Cache
HIT
Connection
keep-alive
Content-Length
19513
x-amz-id-2
XuIkXHWr7tX3QWTH0bbJ3fcUcdlLBrIMqPot3pTYmqUH48E4WF2TEEZwnmb0Etj+jgr3aYwOEf4=
X-Served-By
cache-hhn4049-HHN
Last-Modified
Mon, 04 Apr 2022 20:18:36 GMT
Server
AmazonS3
X-Timer
S1649111636.718011,VS0,VE0
ETag
"fc5eec83c09fe7c8154f685db31e32a3"
x-amz-request-id
DJNCC2QXAQ3VMB9D
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
84
user.js
www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/ Frame A03C 		652 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/user.js?cb=637839550792813567
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/lightbox.js?mb=1649111634834&lv=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
648a63712061b4375896432b5d7a5408ea81a4c3a0037107876e229450c33278

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
pFmeUzH2A0BKQLBVBAQCYw==
age
144010
cf-polished
origSize=1113024
last-modified
Mon, 14 Mar 2022 21:09:57 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
d7d67439-b01e-005f-6aa3-41eace000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
6f6d822b2a5d0208-ZRH
expires
Tue, 04 Apr 2023 22:33:55 GMT
event
event.insticator.com/v1/ 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:56 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://thetruedefender.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://thetruedefender.com
access-control-max-age
3600
content-length
0
date
Mon, 04 Apr 2022 22:33:55 GMT
vary
Origin
14447308783736934
lockerdome.com/lad/ Frame A912 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Length
1376
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Apr 2022 22:33:56 GMT
ui.r2.js
rumble.com/j/p/ Frame 6323 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumble.com/j/p/ui.r2.js?_v=308
Requested by
Host: rumble.com
URL: https://rumble.com/embed/vrzg9l/?pub=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.40.3ba9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
eb0b44522322e3379c9c3519c63813eab096880b9860a50a17712c5f085580e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
last-modified
Thu, 30 Dec 2021 22:20:00 GMT
server
nginx
etag
W/"61ce3090-11246"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security
max-age=31536000;includeSubDomains;preload
tjeed.OvCc.jpg
sp.rmbl.ws/s8/6/t/j/e/e/ Frame 6323 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.rmbl.ws/s8/6/t/j/e/e/tjeed.OvCc.jpg
Requested by
Host: rumble.com
URL: https://rumble.com/embed/vrzg9l/?pub=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff7bd2e700fb2c3b244648edafccb3871300629d5fb042a2110fef675aab3ebe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
last-modified
Thu, 10 Feb 2022 17:22:10 GMT
server
nginx
etag
"3804341d7f93f72cede50474db35e646"
x-hw
1649111635.cds218.lo4.hn,1649111635.cds082.lo4.c
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=322
accept-ranges
bytes
content-length
17584
tjeed.caa.mp4
sp.rmbl.ws/s8/2/t/j/e/e/ Frame 6323 		358 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://sp.rmbl.ws/s8/2/t/j/e/e/tjeed.caa.mp4?u=4&b=0
Requested by
Host: rumble.com
URL: https://rumble.com/embed/vrzg9l/?pub=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 04 Apr 2022 22:33:55 GMT
last-modified
Thu, 10 Feb 2022 17:22:02 GMT
server
nginx
access-control-allow-origin
*
etag
"eae12bd72750042fa89d050f4b9ef3ca"
x-hw
1649111635.cds218.lo4.hn,1649111635.cds251.lo4.c
content-type
video/mp4
Content-Range
bytes 0-23719680/23719681
cache-control
max-age=322
accept-ranges
bytes
Content-Length
23719681
loader.js
static.instiengage.com/app-loader/static/
Redirect Chain
  • https://comment.instiengage.com/live/loader/loader.js
  • https://static.instiengage.com/app-loader/static/loader.js
125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.instiengage.com/app-loader/static/loader.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d69634ffd80c606e7a6c37606f7a13e10c9c5eee694a8024df29a32487c62ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
KmgSPa_wgq2tun9O3PhvX4YlCSzp15sY
content-encoding
br
last-modified
Tue, 29 Mar 2022 11:52:44 GMT
server
AmazonS3
age
133
etag
W/"ba770160406e16498bd36794a0845e76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:32:09 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
pNA2MfLIDS_LhvMZPG_b9YwPI6ajKtZN36enPTqA9hTOU4aw7SoAMA==

Redirect headers

date
Mon, 04 Apr 2022 22:33:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://static.instiengage.com/app-loader/static/loader.js
cache-control
max-age=3600
cf-ray
6f6d822c2bc20229-ZRH
expires
Mon, 04 Apr 2022 23:33:55 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/ 		192 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202203291145/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:33:55 GMT
Content-Encoding
gzip
Fastly-Original-Body-Size
62535
Age
454
X-Cache
HIT
Connection
keep-alive
Content-Length
62535
x-amz-id-2
Yk686UX3tf+sfw6s00j+izfI0JrqyGDELTeuED0o6vdJRolZ5EiShW+T+zVfuBcB3LCtNA9qHNs=
X-Served-By
cache-hhn4049-HHN
Last-Modified
Tue, 29 Mar 2022 15:47:05 GMT
Server
AmazonS3
X-Timer
S1649111636.833364,VS0,VE0
ETag
"52d00808545427ec106d5efaf477f68a"
x-amz-request-id
9PNTNSCKC5Z77DFH
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
580
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thetruedefender.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://thetruedefender.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
6f6d822ca9f1cc36-ZRH
content-length
0
date
Mon, 04 Apr 2022 22:33:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin, Access-Control-Request-Headers
c
prebid.a-mo.net/a/ 		0
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:56 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
121
vary
origin, Accept-Encoding
openrtb
ex.ingage.tech/v1/ 		2 KB
1015 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66dee0a29302defc25d9de45dccad5911f133ac34fd0f0730d60c4b349bc14a

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6f6d822f3dc10208-ZRH
prebid-request
onetag-sys.com/ 		15 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
trinity.json
apex.go.sonobi.com/ 		200 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2223f607a54e6facf%22%3A%22925297bfa73ea1d1480f%7C336x280%2C320x50%2C300x250%2C320x100%22%2C%222467a83b3db3d75%22%3A%22e39607ea179adf617233%7C336x280%2C320x50%2C300x250%2C320x100%22%2C%22252efa037eabab8%22%3A%22925297bfa73ea1d1480f%7C336x280%2C320x50%2C300x250%2C320x100%22%2C%22260f649a8c6d0cd%22%3A%22e39607ea179adf617233%7C336x280%2C320x50%2C300x250%2C320x100%22%2C%22270a4f8657a21ed%22%3A%2290b4426760cc80fe2373%7C336x280%2C320x50%2C300x250%2C320x100%22%2C%22285e5c34b6ee55f%22%3A%2205164074ab766f531967%7C336x280%2C320x50%2C300x250%2C320x100%22%7D&ref=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&s=ec96fd98-dc36-4652-9c93-5879d99f800c&pv=7b48b533-888b-4c54-8bdc-7e6a368c36c6&vp=desktop&lib_name=prebid&lib_v=4.43.4&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%229ccc38e7-6410-49a8-8d63-8c284952d1a9%22%2C%22hp%22%3A1%2C%22rid%22%3A%2287be13da1b1d34%22%7D%5D%7D&coppa=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
0979e97fa96897d21508fc15698ed30abd08f8492a37a2aabc55bdb637899f2a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:33:55 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-128
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
162
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C87be13da1b1d34%2C%2C&eids=&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=a6d1eea6-c987-4a3f-ad57-d462b8d19818&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Mon, 04 Apr 2022 22:33:56 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C87be13da1b1d34%2C%2C&eids=&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=a6d1eea6-c987-4a3f-ad57-d462b8d19818&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Mon, 04 Apr 2022 22:33:56 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C87be13da1b1d34%2C%2C&eids=&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=a6d1eea6-c987-4a3f-ad57-d462b8d19818&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Mon, 04 Apr 2022 22:33:56 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C87be13da1b1d34%2C%2C&eids=&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=a6d1eea6-c987-4a3f-ad57-d462b8d19818&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Mon, 04 Apr 2022 22:33:56 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C87be13da1b1d34%2C%2C&eids=&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=a6d1eea6-c987-4a3f-ad57-d462b8d19818&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Mon, 04 Apr 2022 22:33:56 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE78B8AA744E28DE17DE2D2D6DB6BA87&tdid=&schain=1.0%2C1!insticator.com%2C9ccc38e7-6410-49a8-8d63-8c284952d1a9%2C1%2C87be13da1b1d34%2C%2C&eids=&host=thetruedefender.com&u=https%3A%2F%2Fthetruedefender.com&xr=0&ucfUid=a6d1eea6-c987-4a3f-ad57-d462b8d19818&w=336&h=280
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Mon, 04 Apr 2022 22:33:56 GMT
Access-Control-Allow-Credentials
true
Connection
close
/
hb.emxdgt.com/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1649111635259&src=pbjs
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.101.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-101-33.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:55 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
ROS
ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/25987/1/thetruedefender.com/ROS?rnd=0.17482487082824005&e=300x250_0%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_1%3A300x250%2C336x280%2C320x50%2C320x100%2B...
  • https://ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.17482487082824005&e=300x250_0%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_1%3A300x250%2C336x280%2C320x50%2C...
466 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.17482487082824005&e=300x250_0%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_1%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_2%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_3%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_4%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_5%3A300x250%2C336x280%2C320x50%2C320x100&ur=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pbv=4.43.4&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b68e79f20dd12410c58c35be5038fe8fb34b9c64bcecc6c2621b7a89be8d263a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://thetruedefender.com
expires
Mon, 04 Apr 2022 22:33:56 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
466
x-sid
AMS-603

Redirect headers

date
Mon, 04 Apr 2022 22:33:55 GMT
server
openresty
access-control-allow-origin
https://thetruedefender.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/25987/1/thetruedefender.com/ROS?ct=1&r=pbjs&rnd=0.17482487082824005&e=300x250_0%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_1%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_2%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_3%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_4%3A300x250%2C336x280%2C320x50%2C320x100%2B300x250_5%3A300x250%2C336x280%2C320x50%2C320x100&ur=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pbv=4.43.4&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-603
prebid
ib.adnxs.com/ut/v3/ 		721 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c55d9b3489d33b7ba1907cbb7c0e20ea0f4b4db804300dda1ed32c5edb9159df
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Apr 2022 22:33:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3c356069-95a6-4de2-9885-1ac82a4b4bda
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
8ce4cfaffdd9e11b62043557ba2744d5d99a885181c6250d6dcc890ce49d5c2b

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Apr 2022 22:33:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thetruedefender.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b5bc1db7ed60018d990a297991ab95786d756c6eb9f7c8d04648eae382eddb36

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cf7de8c404695b58f78c458dedc6d73ad88a5f69b0174789946010230c79d8f2

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
9b706436e7668d34e9e2b2e7cbaf2aff8ca6c0d07bbdb4b1bfe328fcc02f92cb

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7731e3105eac21392a0e469d856150542f164d885ba20b00f465986705866ea3

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
bdb4379d36bd89b8f42933e63230ed7c56a579304c63bab8dffc6f2acefc0865

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		66 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAsyo8U7Or6PeLaKkv7mNO
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8fb9b46fcb5342f3fac2bd5272a214a91613b2b24bd99fecf9ab4aed2828df47

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
mvo
tag.1rx.io/rmp/213651/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/213651/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Mon, 04 Apr 2022 22:33:55 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637828889975042089
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/user.js?cb=637839550792813567
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Apr 2022 22:33:55 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
2621
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
53737af3-f01e-0058-36e8-371c4b000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
6f6d822ccbce0208-ZRH
expires
Tue, 04 Apr 2023 22:33:55 GMT
z
lightboxapi.azurewebsites.net/z9gd/43726/thetruedefender.com/jsonp/ 		292 B
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lightboxapi.azurewebsites.net/z9gd/43726/thetruedefender.com/jsonp/z?cb=1649111635309&callback=jQuery17106533203934874858_1649111635288&_=1649111635310
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/d56c8b33-6eec-4054-9841-ba2ee261125f/user.js?cb=637839550792813567
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c7e43777c3637ebe3330efe852001b58edc5c6c2fa217fb65b1c3ebec8f679d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:33:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/javascript
t.gif
www.lightboxcdn.com/z9g/ 		35 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1649111635296&h=thetruedefender.com&e=p&u=43726
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4fa5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Apr 2022 22:33:55 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
1115775
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
x-ms-lease-status
unlocked
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
349b9e43-e01e-0063-4e83-b113e4000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6f6d822cdbe20208-ZRH
cf-bgj
imgq:85,h2pri
token
eua.instiengage.com/v1/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://auth.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://auth.instiengage.com
access-control-max-age
3600
content-length
0
date
Mon, 04 Apr 2022 22:33:56 GMT
vary
Origin
token
eua.instiengage.com/v1/auth/ Frame 693C 		864 B
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
c2feb61e9658afad30338c5c5ebd2b10f5b0c9ded5ec08b7f911279fe8ff68ad

Request headers

Referer
https://auth.instiengage.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://auth.instiengage.com
date
Mon, 04 Apr 2022 22:33:56 GMT
access-control-allow-credentials
true
content-length
864
vary
Origin
content-type
application/json
analytics.js
www.google-analytics.com/ Frame 6323 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1750
date
Mon, 04 Apr 2022 22:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 00:04:46 GMT
view...rzg9l.6gbjwt
rumble.com/l/ Frame 6323 		35 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rumble.com/l/view...rzg9l.6gbjwt?p=2.3&r=96805817&ref=https%3A%2F%2Fthetruedefender.com%2F&gt=2
Requested by
Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.40.3ba9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 04 Apr 2022 22:33:56 GMT
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
log-code
3
content-type
image/gif
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6323 		374 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: rumble.com
URL: https://rumble.com/embed/vrzg9l/?pub=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22e56b7e66a75203914f5f0cb9cf1c4e95c065f101ace2189cc31de2da60f61e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127633
x-xss-protection
0
expires
Mon, 04 Apr 2022 22:33:56 GMT
getContentIdByUrl
comment.instiengage.com/live/comments/api/comments/ 		79 B
400 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.instiengage.com/live/comments/api/comments/getContentIdByUrl?integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&extPageId={extPageId}&imageUrl=http://thetruedefender.com/wp-content/uploads/2022/04/Untitled-34.png
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/loader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a50b54ab50fca6c20f6fe556c85051835cb1c9e5076904a92ce33324db91c1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
requestid
4026328d-bd57-496d-8708-2e6f4ae052c9
vary
Origin, Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
6f6d822dcabf2325-ZRH
dc.js
stats.g.doubleclick.net/ Frame 5D17 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14731549484471654?pubid=ld-2653-3530&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2960
date
Mon, 04 Apr 2022 21:44:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 04 Apr 2022 23:44:36 GMT
dc.js
stats.g.doubleclick.net/ Frame 4C7E 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2960
date
Mon, 04 Apr 2022 21:44:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 04 Apr 2022 23:44:36 GMT
dc.js
stats.g.doubleclick.net/ Frame B50B 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-183-4563&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2960
date
Mon, 04 Apr 2022 21:44:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 04 Apr 2022 23:44:36 GMT
bridge3.509.0_en.html
imasdk.googleapis.com/js/core/ Frame 5F80 		632 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
244417
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209648
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 02:40:19 GMT
expires
Sun, 02 Apr 2023 02:40:19 GMT
last-modified
Sat, 02 Apr 2022 02:33:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 6323 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Apr 2022 22:33:56 GMT
a..4.fzspt.rzg9l..h4.1ohvv4k
rumble.com/l/ Frame 6323 		35 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rumble.com/l/a..4.fzspt.rzg9l..h4.1ohvv4k?p=2.3&r=96805817&ref=https%3A%2F%2Fthetruedefender.com%2F&t=6&a=0&art=0&atype=0&et=423&gt=2
Requested by
Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.40.3ba9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 04 Apr 2022 22:33:56 GMT
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
log-code
3
content-type
image/gif
a..4.fzspt.rzg9l..h4.1ohvv4k
rumble.com/l/ Frame 6323 		35 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rumble.com/l/a..4.fzspt.rzg9l..h4.1ohvv4k?p=2.3&r=96805817&ref=https%3A%2F%2Fthetruedefender.com%2F&t=5&a=0&art=0&atype=0&et=424&gt=2
Requested by
Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=308
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.59.64.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.40.3ba9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 04 Apr 2022 22:33:56 GMT
server
nginx
strict-transport-security
max-age=31536000;includeSubDomains;preload
log-code
3
content-type
image/gif
dc.js
stats.g.doubleclick.net/ Frame A912 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2960
date
Mon, 04 Apr 2022 21:44:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 04 Apr 2022 23:44:36 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C6B8 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Apr 2022 22:52:12 GMT
search
public-api.wordpress.com/rest/v1.3/sites/189343063/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://public-api.wordpress.com/rest/v1.3/sites/189343063/search?aggregations%5Btaxonomy_0%5D%5Bterms%5D%5Bfield%5D=category.slug_slash_name&aggregations%5Btaxonomy_0%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Btaxonomy_1%5D%5Bterms%5D%5Bfield%5D=tag.slug_slash_name&aggregations%5Btaxonomy_1%5D%5Bterms%5D%5Bsize%5D=5&aggregations%5Bdate_histogram_2%5D%5Bdate_histogram%5D%5Bfield%5D=date&aggregations%5Bdate_histogram_2%5D%5Bdate_histogram%5D%5Binterval%5D=year&fields%5B0%5D=date&fields%5B1%5D=permalink.url.raw&fields%5B2%5D=tag.name.default&fields%5B3%5D=category.name.default&fields%5B4%5D=post_type&fields%5B5%5D=has.image&fields%5B6%5D=shortcode_types&fields%5B7%5D=image.url.raw&highlight_fields%5B0%5D=title&highlight_fields%5B1%5D=content&highlight_fields%5B2%5D=comments&query=&sort=score_default&size=10
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/jetpack/_inc/build/instant-search/jp-search.chunk-main-payload.885bc75706af563a7288.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
57909edb3403ab66ad2d1fee2fc449f04803525fb7f583bd30dfe619b3ac65f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-hacker
Oh, Awesome: Opossum
date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
false
x-ac
1.hhn _dfw
strict-transport-security
max-age=15552000
host-header
WordPress.com
expires
Wed, 11 Jan 1984 05:00:00 GMT
82ca0152-0a92-4175-bac5-63889a43274b.js
product.instiengage.com/ceu-code/ Frame 2FD0 		369 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/product-loader-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2c00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1555ab743d7ad5bfc38acffd473228660cb76a378f7f0166dd0b9d37317f1694

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
oF8vthqsBHkaU0CJGGWDGYhCA0Nq._Nq
content-encoding
br
last-modified
Wed, 16 Mar 2022 13:59:43 GMT
server
AmazonS3
age
1497
etag
W/"faacc872fdb81d022d17e87bd756390b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Mon, 04 Apr 2022 22:09:00 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
rtO3u8gA-ZdzjnOMr-uZkKhlSMh0i5--DSbvegKL-jKep99HjscwNA==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://thetruedefender.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Apr 2022 22:33:56 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1510
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=L1bDQnx6dUgyZzlaVHRVaDRLWWtnYXd5anc5OGJpeHVxc1dkc29lcnpxV2FxQ3huZUU1bVg4Z3loVml3TlZvUytZSkdFcElhNGZoYmY2T0YyYldBeFY1K0s5Z1BHZFNVeS93NkN5b0dSMjY2QTF5WXVMbWxrYVIvTkpLcU...
350 B
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=L1bDQnx6dUgyZzlaVHRVaDRLWWtnYXd5anc5OGJpeHVxc1dkc29lcnpxV2FxQ3huZUU1bVg4Z3loVml3TlZvUytZSkdFcElhNGZoYmY2T0YyYldBeFY1K0s5Z1BHZFNVeS93NkN5b0dSMjY2QTF5WXVMbWxrYVIvTkpLcU1jWUxLYUUvNzhLVzNZNkNHL2VEb2Rib25VL2hvMncvWlRHbFJSNDdEZ0d0UGVkcmRUamNqOUtOV1hMWStvRDJWc2ZSS0RHNHF3MXFmNy9rZFhiLy9ZMGx6TEZ1OWxPL3A2OS9nU0JucnJaZHNDcS9iTFYwVDBRRmlQalNSK05rV1NveWxmVy9xfA&cppv=2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e9ce8afae03600db59109b564730525fd955e46ce83f14bab377dfd7647d392d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2047
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:55 GMT
location
https://mug.criteo.com/sid?cpp=L1bDQnx6dUgyZzlaVHRVaDRLWWtnYXd5anc5OGJpeHVxc1dkc29lcnpxV2FxQ3huZUU1bVg4Z3loVml3TlZvUytZSkdFcElhNGZoYmY2T0YyYldBeFY1K0s5Z1BHZFNVeS93NkN5b0dSMjY2QTF5WXVMbWxrYVIvTkpLcU1jWUxLYUUvNzhLVzNZNkNHL2VEb2Rib25VL2hvMncvWlRHbFJSNDdEZ0d0UGVkcmRUamNqOUtOV1hMWStvRDJWc2ZSS0RHNHF3MXFmNy9rZFhiLy9ZMGx6TEZ1OWxPL3A2OS9nU0JucnJaZHNDcS9iTFYwVDBRRmlQalNSK05rV1NveWxmVy9xfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1781
content-length
509
expires
0
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-11.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
aT8uF5QDZCsxz_FuCjV0EGzNRrUyg9DX
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 18:02:42 GMT
server
AmazonS3
age
73256
etag
W/"51ed6db266476896c6fe9a06992898e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 04 Apr 2022 02:13:02 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
pe_99_fae5W165QcYDdjDnprvlYvY60SrsHRe1-izsHbUYeig_Ya6w==
css
fonts.googleapis.com/ Frame 2FD0 		4 KB
1010 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d694378a918429a4e72b476bab1d5204e345caa90b3fa5b46ef5ffc75c90ace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 21:29:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 22:33:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 22:33:56 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame 2FD0 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23509579
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
MD3W2M9AJ7N91H82
x-amz-id-2
88s6UgLClUOvut0dinL15y9LyHKM4IXzztjPVfG/s6eyrsZH2O3bw4ozEDO1eEaACTw9Ob05QFc=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdXOEvmf4MwEbpegGi9WzAfeA6RgNP%2B1ZwXZ4TS1riq0IMFB6EmPhs3tC4tt%2B9oW6bOBDt5Jmfu%2BSgnJLPfWN21X9wvbIgxOR27upZZT0U3CtfQ%2FqPyfcW7gPXQMMgGU8mNnzkwHA0LyDyoDzdhLrAcP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6f6d8230bdadf91b-MXP
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1011984955&t=pageview&_s=1&dl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&dp=%2Fbb28d960-28c3-46bc-ac88-49bbb3388212&ul=en-us&de=UTF-8&dt=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAUIhAAAAAC~&jid=232909387&gjid=272225130&cid=887997127.1649111635&tid=UA-123718506-11&_gid=353712049.1649111635&_r=1&_slc=1&z=1833925982
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.instiengage.com/json/ Frame 2FD0 		240 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
4f1c901b02ff5cc2f49aa931b1bec9610f5cab6481c15fcef1fa353d4005eef0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:56 GMT
access-control-allow-credentials
true
x-database-date
Mon, 04 Apr 2022 16:06:38 GMT
content-length
240
vary
Origin
content-type
application/json
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 2FD0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
153
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Mon, 04 Apr 2022 22:31:27 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
2129
x-amz-cf-id
RGLAOduyBGAlukjHhFnE5nGjQtUFKxBq_zkAuLWn5OIcemKtToFyaQ==
icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame 2FD0 		649 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
104
etag
"b673377b664a0b33454c267d911fcfc1"
x-cache
Hit from cloudfront
content-type
image/png
date
Mon, 04 Apr 2022 22:32:28 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
649
x-amz-cf-id
1KcW-sAFeSLMwius3OEtDu0RD1eNwwvXtjF7AV_6qj0KJZqz-31ZKg==
graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 2FD0 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:05 GMT
server
AmazonS3
age
161
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
x-cache
Hit from cloudfront
content-type
image/png
date
Mon, 04 Apr 2022 22:31:21 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
4833
x-amz-cf-id
pPgk7KJFbHYSKjU8XOjoNl4138cWzzDSkMCg48NJnxBLO4mseajgyA==
contents
cms.instiengage.com/v3/ Frame 2FD0 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.instiengage.com/v3/contents?embed_uuid=82ca0152-0a92-4175-bac5-63889a43274b&cookie_id=null&content_order=ORDERED&for_embed=true&content_count=20
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
d4587b41854ad9a6da58ebcdafa01d426d1f8945810c656891cda431603a567e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:56 GMT
access-control-allow-credentials
true
content-length
18425
vary
Origin
content-type
application/json
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=L1bDQnx6dUgyZzlaVHRVaDRLWWtnYXd5anc5OGJpeHVxc1dkc29lcnpxV2FxQ3huZUU1bVg4Z3loVml3TlZvUytZSkdFcElhNGZoYmY2T0YyYldBeFY1K0s5Z1BHZFNVeS93NkN5b0dSMjY2QTF5WXVMbWxrYVIvTkpLcU1jWUxLYUUvNzhLVzNZNkNHL2VEb2Rib25VL2hvMncvWlRHbFJSNDdEZ0d0UGVkcmRUamNqOUtOV1hMWStvRDJWc2ZSS0RHNHF3MXFmNy9rZFhiLy9ZMGx6TEZ1OWxPL3A2OS9nU0JucnJaZHNDcS9iTFYwVDBRRmlQalNSK05rV1NveWxmVy9xfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Apr 2022 22:33:56 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1146
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v16/ Frame 2FD0 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v16/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:34:56 GMT
x-content-type-options
nosniff
age
493140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:24:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 05:34:56 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v16/ Frame 2FD0 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v16/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:34:56 GMT
x-content-type-options
nosniff
age
493140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:24:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 05:34:56 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123718506-11&cid=887997127.1649111635&jid=232909387&gjid=272225130&_gid=353712049.1649111635&_u=aHDAAUIhAAAAAC~&z=230291745
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 04 Apr 2022 22:33:56 GMT
content-type
text/plain
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-79.dus51.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:16:59 GMT
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront), 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
age
22617
x-amzn-requestid
c5e9f456-3022-42da-ac38-1865bcdc10f1
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P6, DUS51-P1
x-amz-apigw-id
QED_WEi8iYcFwRQ=
content-length
555
x-amz-cf-id
RdfKUYAue4wnOrhtHUpdAoG1CxuMUoFAaM4cFApXWNZiwA-7cB6ZRQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-71.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b174c2de49f6aa7f8b72125c63c163012b9ff34afdbdaea39b4c499e1d16df8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 04 Apr 2022 13:02:28 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 13:02:16 GMT
server
AmazonS3
age
34289
etag
W/"af8244025b2d978df209bf028c458664"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
uiJ1YCXqTfg4YsRV.iQoQhQ_4iTW1U6K
via
1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
DUS51-P2
content-type
application/javascript
x-amz-cf-id
a4J6KKHYtCuLhvhV_9giDvLALSK24BbTqwODwSasM21aJzAFjn08TA==
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=887997127.1649111635&jid=232909387&_u=aHDAAUIhAAAAAC~&z=1586915205
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=887997127.1649111635&jid=232909387&_u=aHDAAUIhAAAAAC~&z=1586915205
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
event.instiengage.com/v1/ Frame 2FD0 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-load-v2
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:56 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-load-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thetruedefender.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://thetruedefender.com
access-control-max-age
3600
content-length
0
date
Mon, 04 Apr 2022 22:33:56 GMT
vary
Origin
Capture-21.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2022/02/ 		263 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2022/02/Capture-21.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
a0abdc9f0cc53d83b528a3e144d45ad945de92971a647ac46cefad667325c2e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Mon, 04 Apr 2022 22:33:56 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Feb 2022 16:38:03 GMT
server
nginx
etag
"ec5083a2f7d082ca"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2022/02/Capture-21.png>; rel="canonical"
content-length
269180
expires
Tue, 06 Feb 2024 04:38:03 GMT
Untitled-254.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2022/03/ 		219 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/thetruedefender.com/wp-content/uploads/2022/03/Untitled-254.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
10cc40dcb38bca647813497bbcf816cc2dc8be63acc788b647094732a3ef2665
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Apr 2022 22:33:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Mar 2022 13:10:01 GMT
server
nginx
etag
"8cbfa1f8a8510ff1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2022/03/Untitled-254.png>; rel="canonical"
content-length
224440
expires
Sun, 24 Mar 2024 01:10:01 GMT
Capture-128.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2022/03/ 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2022/03/Capture-128.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
72cbd458acb6541bae40971f2d3b61ad670847d8867089613a9b2a3ef198ac09
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Mon, 04 Apr 2022 22:33:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 03 Apr 2022 19:40:42 GMT
server
nginx
etag
"5c39f9be72f3c0a9"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2022/03/Capture-128.png>; rel="canonical"
content-length
193318
expires
Wed, 03 Apr 2024 07:40:42 GMT
Capture-152.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/Capture-152.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
1f0961ae015216cae439ab6c766970d493be0d41221ac59d8b44f074ccd2928d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Apr 2022 22:33:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Feb 2022 20:44:58 GMT
server
nginx
etag
"d4e3a0c3fc4a9124"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2022/01/Capture-152.png>; rel="canonical"
content-length
115676
expires
Sun, 11 Feb 2024 08:44:58 GMT
je-pro-vas-u-mobilu-dulezita-podpora-5g-vikendova-hlasovacka-774x516-1.jpg
i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2022/01/je-pro-vas-u-mobilu-dulezita-podpora-5g-vikendova-hlasovacka-774x516-1.jpg?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
f9d061f3e4ee1b8551d5d1c322ecc1e6ab2bed7c9bf06aaf17c1d0719afa2cd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 04 Apr 2022 22:33:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Feb 2022 00:21:39 GMT
server
nginx
etag
"54c9c4e919232b79"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2022/01/je-pro-vas-u-mobilu-dulezita-podpora-5g-vikendova-hlasovacka-774x516-1.jpg>; rel="canonical"
content-length
55264
expires
Thu, 15 Feb 2024 12:21:39 GMT
Untitled-21.png
i2.wp.com/thetruedefender.com/wp-content/uploads/2022/02/ 		236 KB
237 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2022/02/Untitled-21.png?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
cb20feb7873601d3c9ffc7e5dcab810ac97b6fd5964d14600c5c3ce84bfa417a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Apr 2022 22:33:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 16 Feb 2022 15:25:50 GMT
server
nginx
etag
"4c67f1f330bbebea"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2022/02/Untitled-21.png>; rel="canonical"
content-length
241756
expires
Sat, 17 Feb 2024 03:25:50 GMT
5f1f03f4f34d052aae397ea2.jpg
i2.wp.com/thetruedefender.com/wp-content/uploads/2022/01/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2022/01/5f1f03f4f34d052aae397ea2.jpg?resize=600%2C600
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ab989d8d50b5572e0277ee175d8c2cc89bf543453f53a32f729296344e843ea3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Apr 2022 22:33:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 16 Feb 2022 15:18:34 GMT
server
nginx
etag
"f77f45269d5dfe1a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://thetruedefender.com/wp-content/uploads/2022/01/5f1f03f4f34d052aae397ea2.jpg>; rel="canonical"
content-length
36096
expires
Sat, 17 Feb 2024 03:18:34 GMT
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-content-load-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thetruedefender.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://thetruedefender.com
access-control-max-age
3600
content-length
0
date
Mon, 04 Apr 2022 22:33:56 GMT
vary
Origin
UrWI6z47rx0
static.instiengage.com/content_images/unsplash/ Frame 2FD0 		565 KB
566 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/content_images/unsplash/UrWI6z47rx0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2027125ba73adc31e16ccbc439fcbd81452b0337d22c7fcd6a492e3890f4a6b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
kqlBdFlNdOkuD2aYHH5eXrJaeu0g3ZFD
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 14:57:34 GMT
server
AmazonS3
age
760
etag
"94df2cee1e727ce3e1cd1b62a41eeebb"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000,public
date
Mon, 04 Apr 2022 22:22:16 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
578162
x-amz-cf-id
JA2qROyY0HOeYeBHbxC5c36FFFjFeO3SlFldlzy9JJJYKUXxgkguLw==
9HkyszvcRBY
static.instiengage.com/content_images/unsplash/ Frame 2FD0 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/content_images/unsplash/9HkyszvcRBY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20d5792833082d0f85e2f04c42639163756afb385c0e4cf69b2e19139a2314d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
BUB65GNKJsdvUqV9DMRH0kbp5XWo_sMx
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Thu, 16 Dec 2021 20:40:35 GMT
server
AmazonS3
age
1123
etag
"aa91a7cee0c13d15fc9a30d794307f47"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000,public
date
Mon, 04 Apr 2022 22:21:01 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
2431205
x-amz-cf-id
oNKwFa_uRQ4zD8ILmMJ4seFsw-75IB1o130Ykqjft0GVcbKKCKJ67A==
98MbUldcDJY
static.instiengage.com/content_images/unsplash/ Frame 2FD0 		456 KB
456 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/content_images/unsplash/98MbUldcDJY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
127af483872f885ce78fc10c826d0368b4918bf70baccfafdb6e7c31713f5f5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
dhe.auq5VQFttNtR_yIRa4bTs4XFyHvm
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Thu, 16 Dec 2021 20:40:32 GMT
server
AmazonS3
age
1373
etag
"9358e97cf19317eb9f50c87cf6c95799"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000,public
date
Mon, 04 Apr 2022 22:21:01 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
466481
x-amz-cf-id
vJPiDkTqEaT9krsKkHeTlRHdv4hGtU7j_P-Mf-mCMZa4IAW4JyFekQ==
Oalh2MojUuk
static.instiengage.com/content_images/unsplash/ Frame 2FD0 		446 KB
447 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/content_images/unsplash/Oalh2MojUuk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2365a1c4415706420a899a6efbeda8aa7aa1567a7d35f9eb9b67f79628d0d08e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
t0BYndMVqJy5entr3Pg3yT9cWlRzHo.i
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 14:57:02 GMT
server
AmazonS3
age
1309
etag
"7c0ca891f6f14ceb64be217482937014"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000,public
date
Mon, 04 Apr 2022 22:21:01 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
456865
x-amz-cf-id
4KFgCMz9gfHUJOEBww5-D5BccTXGBRE4mPXx5E2HGNW3Oa_In3ulhA==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v16/ Frame 2FD0 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v16/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:34:56 GMT
x-content-type-options
nosniff
age
493140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:24:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 05:34:56 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame 2FD0 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2247389
cf-ray
6f6d82324ecf5a19-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73852
x-amz-id-2
L6DwXxBOd+2vPBW/ESgUFXFZF/8WMoLwko6Tu9hYZjf/XPq5aiT56glUGtuXdcDUlKPNnVka0wQ=
last-modified
Wed, 30 Jun 2021 15:43:51 GMT
server
cloudflare
etag
"fb493903265cad425ccdf8e04fc2de61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaIPaZ5JV52CYYJFI%2BJbNoKaEeXEfTw4HSNAixxwYApSlHFHQOuCpCvyVEDI%2Fen1P05%2BTphnUvsVn%2BvcMEsymkEzQJUVGrrGsA0jhwfOr82npiA1WN8lBWSRAAlmok%2BOZA1MXPOjyO4D1T4vA6uZ0abq"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
SE74HARQ3FVMCPCD
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
event
event.instiengage.com/v1/ Frame 2FD0 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_ceu-content-load-v2
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/82ca0152-0a92-4175-bac5-63889a43274b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:56 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
/
c.mgid.com/pv/ 		0
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=164911163626370781745&uniqId=0505f&lct=1648684800&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&lu=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&sessionId=624b7254-01cd8&pageView=1&pvid=17ff6b699278f868a9b&site=674711&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229983.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f6d8232d8989bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
br
cf-cache-status
HIT
age
2304
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FG3990ZGHWERAW28
x-amz-id-2
ht/HtSBJKSQOrGLlvZuaYqF6dJxITEY6JGRVTTiETq6SKu/tmGxMNYvDT2MzuZYZIs4qbDqnGZk=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f6d8232f920693a-FRA
expires
Tue, 05 Apr 2022 22:33:56 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:56 GMT
content-encoding
br
cf-cache-status
HIT
age
2304
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FG38KV8M26FJED0H
x-amz-id-2
l3mAmuVjrUpypqS5VMdKU9TSK4C8/XeNHrmQdJJY1qaVIia26ovBa8AH+EEpwEVsS3UTtkQfoiM=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f6d8232f926693a-FRA
expires
Tue, 05 Apr 2022 22:33:56 GMT
1
servicer.mgid.com/1229983/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1229983/1?pv=5&cbuster=1649111636359440824098&uniqId=0505f&lct=1648684800&niet=4g&nisd=false&jsv=es6&w=307&h=1488&maxw_3=304&maxh_3=272&cols=1&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&lu=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&sessionId=624b7254-01cd8&pageView=1&pvid=17ff6b699278f868a9b&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229983.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7097b115d08aff66761cc01b8ab3a61d61edd784b71674251f3a9313cfaee4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
6f6d823379679bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1229464/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1229464/1?w=720&h=325&cols=2&pv=5&cbuster=1649111636360562614725&uniqId=177e8&lct=1648684800&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&lu=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&sessionId=624b7254-01cd8&pageView=0&pvid=17ff6b699278f868a9b&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfb776c956ce2c994dff3cb1e2f84304af47e78ade6286f519e0a810c22f0154

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
6f6d823379669bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1
servicer.mgid.com/1229463/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1229463/1?w=720&h=4513&maxw_6=336&maxh_6=279&cols=1&pv=5&cbuster=1649111636362748952664&uniqId=0cb38&lct=1649030400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&lu=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&sessionId=624b7254-01cd8&pageView=0&pvid=17ff6b699278f868a9b&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e7ce75396ac5d065ca1da050778e0f162b37a8496266690926957eeebbbebc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
6f6d823379619bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
br
cf-cache-status
HIT
age
2305
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FG3990ZGHWERAW28
x-amz-id-2
ht/HtSBJKSQOrGLlvZuaYqF6dJxITEY6JGRVTTiETq6SKu/tmGxMNYvDT2MzuZYZIs4qbDqnGZk=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f6d8233ea45693a-FRA
expires
Tue, 05 Apr 2022 22:33:57 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
br
cf-cache-status
HIT
age
2305
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FG38KV8M26FJED0H
x-amz-id-2
l3mAmuVjrUpypqS5VMdKU9TSK4C8/XeNHrmQdJJY1qaVIia26ovBa8AH+EEpwEVsS3UTtkQfoiM=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f6d8233ea47693a-FRA
expires
Tue, 05 Apr 2022 22:33:57 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp
s-img.mgid.com/g/4060554/492x277/96x0x866x577/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4060554/492x277/96x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzI2MzNkNTYzMjgxMjY2ODhjMzUxYTA2ODVjYzRhMjUwLmpwZWc.webp?v=1649111637-_OM8-VD8lRLsrPS-GQu43iAFZBCzfGjf6g_FxM3TG70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12154ae4f04266164ceeaf2ba970276422c0b602ed4953662b0fc29508d38816

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:49:23 GMT
x-mg-request-uuid
57b0979f-08de-42cb-99f8-3899e136e340
age
49626
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82341c456931-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12410
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzRhNmEwY2E0NTU0N2M3ZjNlYTIwZTIwZTIxYmJjOThhLmpwZz90PTE0OTc5ODExMDA5NTc.webp
s-img.mgid.com/g/3805574/492x277/85x26x1057x704/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805574/492x277/85x26x1057x704/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzRhNmEwY2E0NTU0N2M3ZjNlYTIwZTIwZTIxYmJjOThhLmpwZz90PTE0OTc5ODExMDA5NTc.webp?v=1649111637-PvU8jwykxFfVoQz5SG9iq4I_F7lF6XNG2O-tDKLRYjQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929cacdf110aefd4e1ebc549f553caf275c00db80c7ad62c07a5dd365e44bdcf

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:53:52 GMT
x-mg-request-uuid
47d0843d-e069-4cf5-91e9-30d0b76bba7e
age
49608
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82341c466931-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12250
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.mgid.com/g/8193504/492x277/88x0x631x420/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193504/492x277/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1649111637-IGTujxLcs_OP_HUwP2DwXi8OqWx8J6h-0AuLkukv_C4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f039602be2038e0926a327c4d74c12faa59101f87717ad7ea6f145a11c2401

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:40:58 GMT
x-mg-request-uuid
1ee7739c-f045-437e-8405-4da74dd88200
age
49621
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82341c486931-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12834
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2UzOTI1YjVmNjRjYTgzO...
s-img.mgid.com/g/11533319/492x277/-/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533319/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvY2UzOTI1YjVmNjRjYTgzODdjNTc3ZWRiY2MwNjAxZjkucG5n.webp?v=1649111637-uyMpOulKXxxSANTmmVo2me5TF9huY5cdJUxaTVFqK2Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d58ed357479de5380fd43f06c908b8ed5013616c7a2f15a76c7eca3bba8122f

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:23:51 GMT
x-mg-request-uuid
44276ad7-552d-4e29-9bf1-aedb8eb4fd53
age
49617
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82341c4a6931-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11548
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzBjYzA5ZDVmNDYxZTc4YThmNDI2NDIwYjU1ZDJiZDg3LmpwZWc.webp
s-img.mgid.com/g/6946121/492x277/0x0x971x647/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/6946121/492x277/0x0x971x647/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzBjYzA5ZDVmNDYxZTc4YThmNDI2NDIwYjU1ZDJiZDg3LmpwZWc.webp?v=1649111637-nYgAXZCyCh8wcyZLQq2A0kPep4bFy62Sv7l65zJ7WlU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e644548c86792b1f90ae112c8a0377419122be9d45a03221df99c3ab3ce198c8

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:59:52 GMT
x-mg-request-uuid
01e654e7-1e23-437f-925e-a00a4cc727b4
age
49593
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82341c4c6931-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9854
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYjg5ZWY5MjczNjQ3ZGFjM...
s-img.mgid.com/g/11533331/492x277/-/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533331/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYjg5ZWY5MjczNjQ3ZGFjMTAyNmM4YjFiMWI3OTQ4NGUuanBlZw.webp?v=1649111637--u7YBtbc_UGMqI3XB_oVCaQkMxezcveYhQcwCwbLf-Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8e703da99eff70ee901628fc4c461ccb880e9c9a1d990ecde106b3f27c55267

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:23:55 GMT
x-mg-request-uuid
1e5cb40e-a048-47af-aafe-9b72850249cf
age
49584
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82341c506931-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8234
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvMDBmOGU3ZGI5NmRiMTlkY...
s-img.mgid.com/g/11533487/492x277/-/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533487/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMy8xMDE5MjQvMDBmOGU3ZGI5NmRiMTlkYjZjNWNhNGEyMzQyNzg1NzguanBlZw.webp?v=1649111637-w5GpMWlhN4tbb3TfhR8pjDFbLPF8uvYxfafXFjwLEMA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf21c724b364a68ffa3299baa6f6014254ae6c51441f24dc2f0b818d6ad25d6f

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:34:40 GMT
x-mg-request-uuid
8b5453e6-a1cb-4aea-8bf2-d7ba972bb996
age
49595
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82347c723ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18650
server
cloudflare
i.js
cm.mgid.com/ 		0
102 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1649111636485102788396
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f6d82343ac89bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.mgid.com/ Frame BF4E 		0
38 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1649111636504482769882
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229464.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
6f6d82344ad79bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
performance.css
video-native.mgid.com/mgPlayer/css/1.11/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
gzip
last-modified
Fri, 21 Jan 2022 08:57:47 GMT
server
nginx
etag
"a089-5d613d01797c6-gzip"
vary
Accept-Encoding
x-cached-since
2022-03-18T12:57:36+00:00
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
6903
expires
Sat, 18 Mar 2023 12:57:36 GMT
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
br
cf-cache-status
HIT
age
2305
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FG3990ZGHWERAW28
x-amz-id-2
ht/HtSBJKSQOrGLlvZuaYqF6dJxITEY6JGRVTTiETq6SKu/tmGxMNYvDT2MzuZYZIs4qbDqnGZk=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f6d82348b0a693a-FRA
expires
Tue, 05 Apr 2022 22:33:57 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/h/thetruedefender.com.1229463.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
br
cf-cache-status
HIT
age
2305
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FG38KV8M26FJED0H
x-amz-id-2
l3mAmuVjrUpypqS5VMdKU9TSK4C8/XeNHrmQdJJY1qaVIia26ovBa8AH+EEpwEVsS3UTtkQfoiM=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6f6d82348b0c693a-FRA
expires
Tue, 05 Apr 2022 22:33:57 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4OGE2ZmQwOWE1MWNjNzViM2I5MzAzMDZiNTQ5ODRkLmpwZWc.webp
s-img.mgid.com/g/3944300/492x277/0x0x900x600/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3944300/492x277/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4OGE2ZmQwOWE1MWNjNzViM2I5MzAzMDZiNTQ5ODRkLmpwZWc.webp?v=1649111637-MhxGW4YBXRZswslAvte6u4yWfEU0MM0Fi0YlcWHuUwU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d9b26faf90740ca23ace600524884715fcda38cc4769864a2c2c0b57be1c49a

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:52:33 GMT
x-mg-request-uuid
01092568-f859-489b-8883-82af5d3550aa
age
49386
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349ca13ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12276
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzI0NmQ4YTMxMjRmN2EzY...
s-img.mgid.com/g/11739843/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739843/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzI0NmQ4YTMxMjRmN2EzYmRlZDMxZWFiY2I1NzI0NGIuanBlZw.webp?v=1649111637-9umeFUc9uWx8rNjUSk0CRzVcFrbl2v2KKpLGj3xKkhE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65012936d9047ff97d6cc799a532adf69538a35af1ab714e29380d13079a0e62

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
ce832b7a-4008-43c0-bdb5-5664558d6c1a
age
48721
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349ca23ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14164
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzk2ZDhiNjBmNGJlYWExYWE4YWJmNjU5M2EwNWUzMWIyLmpwZWc.webp
s-img.mgid.com/g/8193519/492x277/0x0x631x420/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8193519/492x277/0x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzk2ZDhiNjBmNGJlYWExYWE4YWJmNjU5M2EwNWUzMWIyLmpwZWc.webp?v=1649111637-yX-W60jM79K6hdiR6GIhbQ1Phe3T28slWqDRPq0qXH8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828df8d8ddf6843a47d051c254f3614491d6499a94b6c628f9755b01b3635625

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:52:59 GMT
x-mg-request-uuid
3b91349d-212c-4590-9b48-37ce0276295d
age
49490
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349ca43ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19316
server
cloudflare
aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg
s-img.mgid.com/l/-/492x277/-/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/l/-/492x277/-/aHR0cDovL2ltYWdlcy11cy1zb3VyY2VzLnMzLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tL3RlbXAvLy81YjNiMzM4MDM0OGNiLmpwZWc.jpg?v=1649111637-oEPQ6taqxzpIWTXyuxUXWFkse2ehdY867nE0_9Doyfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0a099309cb5b7024a35caf026a10456be4f36c105c43f706aaeb112dc492d0a

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
x-mg-request-uuid
5f7248dd-b8b7-4b29-9fbc-57b3337db5da
age
49632
cf-polished
origSize=41842, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38407
last-modified
Thu, 11 Nov 2021 15:40:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349ca63ba9-CDG
cf-bgj
imgq:100,h2pri
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvYzA3MWViOTg1NTNlOGQyZ...
s-img.mgid.com/g/11533296/492x277/-/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533296/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvYzA3MWViOTg1NTNlOGQyZmFmYWNiNTVlYTNjNjgzOGIuanBlZw.webp?v=1649111637-70NZ6RQOFY2rg2LgX6Rg0675QvkmpdYhnhW-zM4D4Qo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e1510eb3810dff89be65f6853b303116b435ff17420f1553182b8cc94d961ce

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:24:06 GMT
x-mg-request-uuid
3d7d03e2-c4e3-4c6d-8b0c-ac4568d3d29d
age
49435
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349ca93ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26760
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvN2UzODEzY2MzZTRmMTUwN...
s-img.mgid.com/g/12068024/492x277/-/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12068024/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvN2UzODEzY2MzZTRmMTUwNDM2MTVkZWQ0YmMzYTFiZDcuanBn.webp?v=1649111637--Ibo234RoXerE7E9bFyVcENVfxGkP8x31i-VmWQEEDU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e04a7746251843cf567a9b27c7ae4d244ce9575519ff3daf328e19696d1bbd1a

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 14:13:26 GMT
x-mg-request-uuid
950cc880-c525-4ce1-bf62-f6f40637398b
age
49575
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349cab3ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12742
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvODU4YTZkM2Y4NzVhMmQ0M...
s-img.mgid.com/g/12578201/492x277/-/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12578201/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvODU4YTZkM2Y4NzVhMmQ0MjYyNDA0ZjY0ZjhlZTg1MjIuanBlZw.webp?v=1649111637-fpXekb-UQ0wPE7sM48lAgls8qEfMGPhfMpNpWAo61Fg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da1c4f9b122553bed33f4ada4915dca3f4109a589d79b327ee4dd226d78a1fe

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 06:54:03 GMT
x-mg-request-uuid
cf462164-cb08-4d5d-8baf-76642baf8f1b
age
49599
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349cb03ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11530
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTM3LHlfNDk0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lOGE2N...
s-img.mgid.com/g/11739842/492x277/-/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739842/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNTM3LHlfNDk0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lOGE2NWU4NjU5ZjcxOWZiMTFmNDMzNmZhZDIyZTNkZS5qcGc.webp?v=1649111637-CXnXv0IwUCgick0WXz4kn8l_ceP2tfwj5aXKyE9MVXQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fee5488f247de155c84a033494401076018c81062f48180373e3cf05ae47c69

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
db58545e-5588-45aa-98b0-e31486063c69
age
43073
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349cb13ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13508
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2FlZTM3NTQ4NzJjN2ZkYWU5ODFkZmIyZDM5M2E1YTg1LmpwZz90PTE0OTgxNjE3NTQxODQ.webp
s-img.mgid.com/g/3805604/492x277/0x0x799x532/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805604/492x277/0x0x799x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2FlZTM3NTQ4NzJjN2ZkYWU5ODFkZmIyZDM5M2E1YTg1LmpwZz90PTE0OTgxNjE3NTQxODQ.webp?v=1649111637-XB5MfK0zV4JvY6qp16IVfiA2B-OIQmihbyTaX-zSEgA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df0f6440bfff5ad7ea3b8e6a09007a50337e2e3f579efc30546391b7a7df740a

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:23 GMT
x-mg-request-uuid
469c2d3c-e8f6-4f42-a592-7fb1c5614e51
age
49548
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349cb23ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9216
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9iOGE4NTNiMzc3NzMzMGI4NjA5MTBiZTMyMmE2NmRjYi5qcGVn.webp
s-img.mgid.com/g/3805658/492x277/0x0x902x601/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805658/492x277/0x0x902x601/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9iOGE4NTNiMzc3NzMzMGI4NjA5MTBiZTMyMmE2NmRjYi5qcGVn.webp?v=1649111637-l-2P_gNSIPaqzUd5jwoNDCXqWZhCdR1dvsgjqfN-X9I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04ecbc9b770010b601da6d00953e93604a0cdf2de710367f6fa8b0cc6edec51d

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:53 GMT
x-mg-request-uuid
c17dac14-9ca8-47b1-b56b-cc037be5f506
age
49607
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349cb33ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28750
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvMDI4MjhmNjcyYmQ1ZmU5N...
s-img.mgid.com/g/12578207/492x277/-/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12578207/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvMDI4MjhmNjcyYmQ1ZmU5NWI3NzYyNzI0MDI0NzE0YjYuanBlZw.webp?v=1649111637-TFD7Y6JyyAC6bwADqGh3Jdxz7ggrbAEt_8N55ZO2D7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6a689bb8e2ab93a922269f3a5f0f37eab89045dd6a9669bbfa30323028d2653

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Mar 2022 06:54:37 GMT
x-mg-request-uuid
7720533e-347e-47a8-94d0-d6f78f883f5a
age
49548
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349cb43ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14916
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp
s-img.mgid.com/g/3805431/492x277/0x0x1023x682/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805431/492x277/0x0x1023x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMDgvMTAxOTI0LzcyOWIyZDdlMzZkOGFhNTBjYWM0MjdlNGQ5NTk4ODMzLmpwZz90PTE0ODkwMDQ2Mjc4MjA.webp?v=1649111637-Ptn4pkUs64lOFN4lilFFMUmZjXK7zmBPZMSIkjsisVY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97f9639ee27e7951f93e6507ab9d203e2d003b72cfc06c6bcaffe3e8687bbc8d

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:57:27 GMT
x-mg-request-uuid
4b89d43f-b12d-4dca-8984-c32b86139e0a
age
49589
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349cb63ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38216
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzViNTdhOTNjMDgxYTg0MzI0MzVkOGE5Mjc1OGM4ZWJiLmpwZWc.webp
s-img.mgid.com/g/3805639/492x277/0x153x900x600/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805639/492x277/0x153x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzViNTdhOTNjMDgxYTg0MzI0MzVkOGE5Mjc1OGM4ZWJiLmpwZWc.webp?v=1649111637-QV3KDsATzX9ndHdxDzrF4tJGGOX7RcL3DcU_zgA054w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de938b53f37d72869dfc95282a6cf8f0e13f6404992274e781c62fecf42ff44

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:56:31 GMT
x-mg-request-uuid
ef1911c2-55b3-4dcb-ada1-1d61517b2adb
age
49553
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349cb83ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20520
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzA4Zjg4MTdjZmQxNzk3N...
s-img.mgid.com/g/11533300/492x277/-/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11533300/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvNzA4Zjg4MTdjZmQxNzk3N2NlZmIzYzEzNDlhODkxYjQuanBlZw.webp?v=1649111637-rgMlKmYeI8_j0iab55S0xQeLFbEIr-eD9HGGSTHIXng
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60deb0a2079173ef23e3525d66b6a0681b8305a2a699ae059c1f360bfbb882c

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 12:23:50 GMT
x-mg-request-uuid
5c0aef9b-bba1-4e0c-b101-92b821f5c46a
age
49599
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349cb93ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38134
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZz90PTE0OTU2MjcyODk1NDU.webp
s-img.mgid.com/g/3805441/492x277/0x0x492x328/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805441/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZz90PTE0OTU2MjcyODk1NDU.webp?v=1649111637-8sBD4VoN_Va7bv-0sRCoW4bsrag8QArg1oq3Dvv03X8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c539ea3ee28d2e211c712cd221d934db1861e66194b78067bf67b80d96c9a9

Request headers

Referer
https://thetruedefender.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 15:49:31 GMT
x-mg-request-uuid
b0bd2abe-30d8-4048-909a-5ddbd9acb34d
age
49614
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6f6d82349cba3ba9-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16770
server
cloudflare
423b852b-1cd6-42bd-81f0-833a4582bb9d
player.ex.co/player/ 		765 KB
223 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Requested by
Host: cdn.mgid.com
URL: https://cdn.mgid.com/js/wglibs/mgWidget_1.11.89.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d8e88d3f28585075686faf1f27292f18cc775ac912b66e6ac6618e60b363a645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
gzip
fastly-original-body-size
227626
age
0
x-cache
HIT, MISS
access-control-max-age
600
content-length
227626
x-served-by
cache-iad-kcgs7200024-IAD, cache-cdg20740-CDG
access-control-allow-origin
*
server
nginx
x-timer
S1649111637.407744,VS0,VE96
etag
W/"bf42c-ng5znlfMfODTqLJnG7C0KOi1Ank"
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1, 0
page
comment.instiengage.com/live/comments/api/ Frame 34A1 		138 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/loader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a53b21c5daaa20815e136afb4ce9efd0563f298f60c500f22ba45405101916
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
6f6d8235cc8a0229-ZRH
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 22:33:59 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
requestid
91538944-1709-4036-ac1a-fe526ad6dc24
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding Origin
events
prd-collector-anon.ex.co/main/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:58 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 21:10:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 22:33:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 22:33:57 GMT
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6837 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 04 Apr 2022 22:38:57 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame C41E 		365 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9013854b5bb446878dc7fbb34f6b3d8b2eda5cec70ed60b12d36d9d70ab9df21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:57 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvGpxBDi8_5enXfl-OaUUf0P0gPPWAeeBS4xRIQJSbFWLOBr695rINQDPyefTZzTR6theFNYa9MGvXb06xvg0KevHQCKQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
104676
last-modified
Mon, 04 Apr 2022 07:07:59 GMT
server
UploadServer
etag
"7de6e5450668a3b2906164c0e03cfa4a"
vary
Accept-Encoding
x-goog-hash
crc32c=9F3HOw==, md5=feblRQZoo7KQYWTA4Dz6Sg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1649056079675966
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
104676
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 04 Apr 2022 22:38:57 GMT
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:58 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M16&cb=1649111637114&cid=6194c0f876cae755cd2701fa&VERSION=4.140.1&AV_PAGE_LOAD_UID=b680fb33-af8e-4157-b5e7-599c87bdb8df&AV_CDIM4=b680fb33-af8e-4157-b5e7-599c87bdb8df&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.223.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-223-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/so_4/v1490095101/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
5897f0e4f0de03a50a32f596ca98c3c9bfb2ee257ef007db3124546b05a1cdff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:33:58 GMT
Cache-Tag
324835619679708949136499145517287357224,500985839247587350039760902055362878337,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
24819
X-Served-By
cache-iad-kiad7000053-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:28 GMT
Server
cloudinary
X-Timer
S1649108673.872021,VS0,VE1
ETag
"54f18f2fe8d4a8bc8c9dcbe15764cc4c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554610
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding
br
etag
W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age
67140
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
8c7650e47b7f894f6ae5a1fc4919cee6
last-modified
Thu, 16 Dec 2021 12:45:56 GMT
server
AmazonS3
date
Mon, 04 Apr 2022 03:54:58 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA56-P6
content-type
application/x-javascript
x-amz-cf-id
_MH03b9twskW8t_epSe1HVqm5veDMsRJSYdOdwTZh37bqwV7ZZpSPw==
/
geo.privacymanager.io/ 		30 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-86.dus51.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 14:33:41 GMT
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront), 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
age
28817
x-amzn-requestid
be2de0f7-b115-46b3-b6f0-e9929e5b394a
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-624b01c5-28a9d78002b729ef72d153b3;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, DUS51-P1
x-amz-apigw-id
QD021FdDjoEF8Kw=
content-length
30
x-amz-cf-id
jNEKMwPY-2TzEJ5LjNFZ3K7a6D-DGJf_pMfxXeoGmvRGQGKY6Cww7A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=thetruedefender.com&sn=&cd4=b680fb33-af8e-4157-b5e7-599c87bdb8df&cd5=default&ic=0&tgt=0&app=&wi=679&he=383&test=&d36=6.2.13&apppkg=&fv=3&proto=https&pid=56ea678d181f46c76f8b45fb&cid=6194c0f876cae755cd2701fa&stagid=&stplid=&e=inventory&vi=0&cb=1649111637291
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.223.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-223-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.m3u8
mcd.ex.co/video/upload/sp_sd/v1490095101/ 		651 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_sd/v1490095101/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
7a3bd602068c7daea0d19d55932af2b932f1c4e51b5d21188ee78b6aa6a40964

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:33:58 GMT
Cache-Tag
324835619679708949136499145517287357224,327961014079627028052771905279638174707,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
651
X-Served-By
cache-iad-kiad7000053-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:27 GMT
Server
cloudinary
X-Timer
S1649108673.172566,VS0,VE1
ETag
"c2625dac08033a089218de2b0e6035ec"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554600
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
/
premiumsrv.aniview.com/api/adserver/tag/ 		33 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://premiumsrv.aniview.com/api/adserver/tag/?VERSION=4.140.1&AV_PAGE_LOAD_UID=b680fb33-af8e-4157-b5e7-599c87bdb8df&AV_CDIM4=b680fb33-af8e-4157-b5e7-599c87bdb8df&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_sd%2Fv1490095101%2Flandscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=6194c0f876cae755cd2701fa&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=thetruedefender.com&AV_DADPOS=3&d36=6.2.13&responsive=1&sver=2&avtoken=637290&AV_WIDTH=679&AV_HEIGHT=383&AV_DNT=0&cb=1649111637302
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.128.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-128-29.compute-1.amazonaws.com
Software
/
Resource Hash
c9c1859cbcea4ad24f2d618310e045d37eb0674db0e406347ff5bb835d500e2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 24 Mar 2022 08:47:18 GMT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1649108659/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1649108659/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
c2e338406df7d7767265eb5d4f0974fbacf6d05ab326e08d83797e0b71089142

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:33:58 GMT
Cache-Tag
324835619679708949136499145517287357224,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1218
X-Served-By
cache-iad-kjyo7100114-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:24 GMT
Server
cloudinary
X-Timer
S1649108673.294598,VS0,VE0
ETag
"33ab3fc7bdf28da46e677c2b0ede4598"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554650
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1649108659/ 		38 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1649108659/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
20a1b6037d631c831619894b096958b7a2844252d41b0bf9d07e44675035ef0a

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=0-38539

Response headers

Date
Mon, 04 Apr 2022 22:33:58 GMT
Cache-Tag
324835619679708949136499145517287357224,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-38539/711768
Connection
keep-alive
Content-Length
38540
X-Served-By
cache-iad-kjyo7100114-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:24 GMT
Server
cloudinary
X-Timer
S1649108673.430580,VS0,VE1
ETag
"c53277ce62ecf4d84bac781517ee6457"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554691
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
af9616cf-bc77-4025-a672-2284d854754c
https://thetruedefender.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://thetruedefender.com/af9616cf-bc77-4025-a672-2284d854754c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
c2c2e2dea982c4ba32b3f0ae0687e602bd2069639be42e1bdcdf0c303071600b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:33:58 GMT
Fastly-Original-Body-Size
1228
Cache-Tag
324835619679708949136499145517287357224,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1228
X-Served-By
cache-iad-kiad7000053-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:26 GMT
Server
cloudinary
X-Timer
S1649108674.583556,VS0,VE37
ETag
"54afcafa8a4a6c0dfbe0a562af1ef5cb"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554634
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/ 		57 KB
57 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
5f50c9e9a5d8596a5adf3552efbfdc5f0194ef532616926e2a53d73e6e528631

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=0-57903

Response headers

Date
Mon, 04 Apr 2022 22:33:58 GMT
Cache-Tag
324835619679708949136499145517287357224,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-57903/1467716
Connection
keep-alive
Content-Length
57904
X-Served-By
cache-iad-kjyo7100114-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:26 GMT
Server
cloudinary
X-Timer
S1649108674.014251,VS0,VE81
ETag
"1955ffb25d705ebaf038446064a55d7b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554549
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/ 		183 KB
184 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
15ab3a6aa5a55a2ad00fbe9deeadec407eae230590857ee15b3c6ad496a8ef2f

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=57904-245527

Response headers

Date
Mon, 04 Apr 2022 22:33:58 GMT
Cache-Tag
324835619679708949136499145517287357224,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 57904-245527/1467716
Connection
keep-alive
Content-Length
187624
X-Served-By
cache-iad-kjyo7100114-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:26 GMT
Server
cloudinary
X-Timer
S1649108674.014251,VS0,VE81
ETag
"1955ffb25d705ebaf038446064a55d7b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554549
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/so_4/v1490095101/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.jpg
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
5897f0e4f0de03a50a32f596ca98c3c9bfb2ee257ef007db3124546b05a1cdff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:33:58 GMT
Cache-Tag
324835619679708949136499145517287357224,500985839247587350039760902055362878337,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
24819
X-Served-By
cache-iad-kiad7000053-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:28 GMT
Server
cloudinary
X-Timer
S1649108673.872021,VS0,VE1
ETag
"54f18f2fe8d4a8bc8c9dcbe15764cc4c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554610
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:58 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:58 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/ 		102 KB
103 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
2aba8f1b636194b427ff174e08152a812153724445da970fbb5119f9657cc4bd

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=245528-350243

Response headers

Date
Mon, 04 Apr 2022 22:33:58 GMT
Cache-Tag
324835619679708949136499145517287357224,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 245528-350243/1467716
Connection
keep-alive
Content-Length
104716
X-Served-By
cache-iad-kjyo7100114-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:26 GMT
Server
cloudinary
X-Timer
S1649108674.014251,VS0,VE81
ETag
"1955ffb25d705ebaf038446064a55d7b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554549
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C740 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=46591
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 22:33:58 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Apr 2022 11:30:29 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame B6B9
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
91f968f09c49a6345a7acd0902a6ece2829820ab73fee23ecfc3f11e57035c53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1757
Content-Type
text/html
Date
Mon, 04 Apr 2022 22:33:58 GMT
Dropped-Udsids
241|45|39|230|130|88|105|31
Expires
Mon, 04 Apr 2022 22:33:58 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 04 Apr 2022 22:33:58 GMT
Expires
Mon, 04 Apr 2022 22:33:58 GMT
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame C3EE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Apr 2022 22:33:58 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Apr 2022 22:33:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
server
AkamaiGHost
pixel
ap.lijit.com/ Frame 6D7C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 04 Apr 2022 22:33:58 GMT
X-Sovrn-Pod
ad_ap7ams1
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:58 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
avpb6.15.0.js
player.aniview.com/script/6.1/ Frame C41E 		333 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb6.15.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c93597f47f53dc63d1240237f5e29975805f3c75126cdd52f0d9ae2c3f6546c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduZNiCvrQuevobnypDUihUQnYHbMhlG7p20pzMVQyAhAbg3iqaEfx6Cf6q7ifW2znCvc5HnKp12h5Jv5xLa-DMD2gXckyht
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
101816
last-modified
Mon, 04 Apr 2022 07:07:36 GMT
server
UploadServer
etag
"18975d3425053e6131411a505c475946"
vary
Accept-Encoding
x-goog-hash
crc32c=K9qPgA==, md5=GJddNCUFPmExQRpQXEdZRg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1649056055882898
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
101816
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 04 Apr 2022 22:38:58 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=89358&t=1649111638&cip=193.27.14.44&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1649111638245-943256073884-007731-002-005079&cha=0.7&stagid=&stplid=&d35=&d36=6.2.13&cb=74451309230&cd1=4.140.1&cd4=b680fb33-af8e-4157-b5e7-599c87bdb8df&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6194c0f876cae755cd2701fa&e=request&cb=1649111637697&asid=5fd1f2cc9772f87a350a855b%2C60ebfe94ebe867570438e997%2C5fbe5add3443ef680f0480d7%2C60c60c3b1731ed2b383f0908%2C604e0bb1f199b154cc115338%2C5e1b272e28a06142643c20cd%2C60ebfe86a4a7792110515aa4%2C5fc8b1c9ba2b560f616098b8%2C604e0c8861e0794a7a3b232a%2C6033ce2e97a19441e4636ff5%2C5fa2a98bba80693a416064d7%2C59f5ee5e28a061016262480e%2C61129c5f0e70e663bd7c5b71%2C5fbe5d4370a94c4b696b7ccc&ofpr=1.5%2C%2C%2C%2C2%2C2.25%2C%2C3%2C2%2C3%2C%2C4%2C%2C2.8&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.223.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-223-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&w=410&h=231&cbb=9111637695
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&w=410&h=231&cbb=9111637695
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/236691/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/236691/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&w=410&h=231&cbb=9111637697
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
mvo
tag.1rx.io/rmp/216551/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=6.15,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.37.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-37-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
28650d886026af1c4c93f50d5f9b32f1793bf3f828a6a82f66cf1b713f07e98e

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.85.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
mvo
tag.1rx.io/rmp/203144/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=6.15,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.37.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-37-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9a012d6f3f8e2868a3dddfda6d67fe94ea26edcc937da8667dd41b1736f27165

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.85.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.37.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-37-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d502e709482059724504b737c42a8794ea20b18df1b8776fcdd4e92689e7db00

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
x-prebid
pbs-java/1.85.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:33:57 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
369.json
id5-sync.com/g/v2/ 		213 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.205 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p28.id5-sync.com
Software
/
Resource Hash
9370e9c821b5e6700f74ea83167aee7dd4988f1092fcfd727cb07a4db615f9cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Mon, 04 Apr 2022 22:33:57 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
02f7a0377f32ef90c7033eefa936a9a57f7549b0bff843d1d5064445def57f15

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache
x-server
10.45.18.201
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		109 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
6e90e39de2011c817efd32336f3a400b6fec29f919b05de16a041ca027f36408

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 04 May 2022 22:33:58 GMT
envelope
api.rlcdn.com/api/identity/ 		44 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
usync.js
eus.rubiconproject.com/ Frame C3EE 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b7781f6fa62c80c336671d895754a77ce8d0f5e9fe30e0b1f40d08c66261408b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:33:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53418
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Tue, 05 Apr 2022 13:24:16 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
92d20a5c04d6e6275bfe8c45e20063b49592d62404acb6633a0660877ce09d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28378
x-xss-protection
0
server
sffe
etag
"1178 / 175 of 1000 / last-modified: 1649089799"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Apr 2022 22:33:58 GMT
backfillad
dashboard.insticator.com/embeds/ Frame 5B29 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame A928 		1 KB
844 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
3bbe41583dbd2995aa57f2f02ff61f985f76285aeab4e82be2df72e4a601d393

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
705
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 22:33:58 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame 481F 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame 6E7F 		1 KB
844 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
3bbe41583dbd2995aa57f2f02ff61f985f76285aeab4e82be2df72e4a601d393

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
705
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 22:33:58 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame 0354 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame FB78 		1 KB
842 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
763a7103710991882cbff5d9ceaacc5355908d83f6e88b9a0a10800286a5718c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
703
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 22:33:58 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame ABA8 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame A4FA 		1 KB
853 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
ba49e63a1d2bb341e32ece3dd7a19990dc507078f3099227c7723e3165c4d14d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
705
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 22:33:58 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame 0965 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame C9CD 		1 KB
852 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
6f3d43ba1fa9260111e1537962c6899697e6bff8075bc76ea390d19acba904dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
704
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 22:33:58 GMT
vary
Accept-Encoding
backfillad
dashboard.insticator.com/embeds/ Frame 1E10 		0
0
backfillad
dashboard.insticator.com/embeds/ Frame A69C 		1 KB
843 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
6f3d43ba1fa9260111e1537962c6899697e6bff8075bc76ea390d19acba904dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
public, max-age=10800
content-encoding
gzip
content-length
704
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 22:33:58 GMT
vary
Accept-Encoding
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1649111637877&site_uuid=bb28d960-28c3-46bc-ac88-49bbb3388212&hostname=thetruedefender.com&ad_unit=thetruedefender.com_Web_300x250_1&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4e00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:43:05 GMT
via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
age
71454
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
35
x-amz-cf-id
Kbq0mvM872E_BPxeUwF3u4fe0xDQgBPs3Aj_UdtI8mP00trKY8yuVw==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1649111637886&site_uuid=bb28d960-28c3-46bc-ac88-49bbb3388212&hostname=thetruedefender.com&ad_unit=thetruedefender.com_Web_300x250_2&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4e00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:43:05 GMT
via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
age
71454
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
35
x-amz-cf-id
PKe0lh97fCEDWiVpy7KkXWL_VGJqbV-d4QMPU4vLUhlramTdObuFiw==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1649111637894&site_uuid=bb28d960-28c3-46bc-ac88-49bbb3388212&hostname=thetruedefender.com&ad_unit=thetruedefender.com_Web_300x250_cmt_1&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4e00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:43:05 GMT
via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
age
71454
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
35
x-amz-cf-id
y0GljIlCF9TIHNevA4rLGfqIP-39mBFhMKFZEfZKA-6t1isx9FE6uQ==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1649111637903&site_uuid=bb28d960-28c3-46bc-ac88-49bbb3388212&hostname=thetruedefender.com&ad_unit=thetruedefender.com_Web_300x250_cmt_2&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4e00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:43:05 GMT
via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
age
71454
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
35
x-amz-cf-id
hPbBssZNPUdSeHchvRoREi_ad6ng964fJaRb8oaAWY0dXeT7x5e9bw==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1649111637912&site_uuid=bb28d960-28c3-46bc-ac88-49bbb3388212&hostname=thetruedefender.com&ad_unit=thetruedefender.com_Web_300x250_cmt_3&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4e00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:43:05 GMT
via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
age
71454
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
35
x-amz-cf-id
6C1BQMdTVGdzb6HiaZG3L9NSWhetefHR879wrkkDL91n9kUrIBdEpg==
pixel.gif
d2s3kjdp77ms5k.cloudfront.net/ 		35 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2s3kjdp77ms5k.cloudfront.net/pixel.gif?timestamp=1649111637921&site_uuid=bb28d960-28c3-46bc-ac88-49bbb3388212&hostname=thetruedefender.com&ad_unit=thetruedefender.com_Web_300x250_cmt_4&impression_type=il&device=desktop&country_code=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4e00:1c:f0ba:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 02:43:05 GMT
via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
age
71454
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
35
x-amz-cf-id
DwRb7nqckdzAgyj0f0GxiUwLJDP4KFgGWakXWSwxnn5bL3ZJo2YzDQ==
khaos.jpg
token.rubiconproject.com/ Frame C3EE 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=89358&t=1649111638&cip=193.27.14.44&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1649111638245-943256073884-007731-002-005079&cha=0.7&stagid=&stplid=&d35=&d36=6.2.13&cb=74451309230&cd1=4.140.1&cd4=b680fb33-af8e-4157-b5e7-599c87bdb8df&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6194c0f876cae755cd2701fa&e=bid&cb=1649111637976&asid=60ebfe94ebe867570438e997%2C60ebfe86a4a7792110515aa4%2C5fa2a98bba80693a416064d7&ofpr=%2C%2C&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.223.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-223-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
dcm
s.amazon-adsystem.com/ Frame B6B9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:33:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GNJM0ADBND8SN6Y7MT7C
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:33:59 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
251Z2B9A4YFVXHCE9WD5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B6B9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YktyVpZBRnjg0Bbiom4IrAAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YktyVpZBRnjg0Bbiom4IrAAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELUi1cKf3PW61Bs9G____ts&google_cver=1&gdpr=1
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELUi1cKf3PW61Bs9G____ts&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:33:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 22:33:58 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELUi1cKf3PW61Bs9G____ts&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame B6B9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B6B9 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B6B9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACDRE7EluUAADWf2PZMsQ&expiration=1650321238&gdpr=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACDRE7EluUAADWf2PZMsQ&expiration=1650321238&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:33:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 22:33:59 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACDRE7EluUAADWf2PZMsQ&expiration=1650321238&gdpr=1
Date
Mon, 04 Apr 2022 22:33:58 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame B6B9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YktyVgASWkuzKABH
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YktyVgASWkuzKABH&gdpr=1&_test=YktyVgASWkuzKABH
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YktyVgASWkuzKABH&gdpr=1&_test=YktyVgASWkuzKABH
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:33:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 22:33:59 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:33:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1649111639.913899,VS0,VE0
x-served-by
cache-hhn4058-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YktyVgASWkuzKABH&gdpr=1&_test=YktyVgASWkuzKABH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame B6B9
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:33:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 22:33:58 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 04 Apr 2022 22:33:58 GMT
server
nginx/1.20.0
content-length
76
noop
px.owneriq.net/ Frame B6B9
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7023980391279563944&uid=Q7023980391279563944&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
104.90.179.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-179-100.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:33:59 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 04 Apr 2022 22:33:59 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
cookiesyncendpoint
sync.aniview.com/ Frame B6B9 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1649111638245-943256073884-007731-002-005079&biddername=42&key=YktyVpZBRnjg0Bbiom4IrAAA%261158
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D42%26key%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.156.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-156-238.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
content-length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C3EE 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17136
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Content-Type
image/gif
4920d8201547a5353954c565acf67a80-1.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame A928 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/4920d8201547a5353954c565acf67a80-1.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
a99ec5984ec0d266d89c0325a074ebe5c5a141dc5be84e85f22a853dd9c1f32a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 16:20:40 GMT
etag
4920d8201547a5353954c565acf67a80
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
17054
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame C41E 		374 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22e56b7e66a75203914f5f0cb9cf1c4e95c065f101ace2189cc31de2da60f61e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127633
x-xss-protection
0
expires
Mon, 04 Apr 2022 22:33:58 GMT
4920d8201547a5353954c565acf67a80-1.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame 6E7F 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/4920d8201547a5353954c565acf67a80-1.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
a99ec5984ec0d266d89c0325a074ebe5c5a141dc5be84e85f22a853dd9c1f32a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 16:20:40 GMT
etag
4920d8201547a5353954c565acf67a80
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
17054
70e5d3e6515e54f63f7bedad090ceeb8-0.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame FB78 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/70e5d3e6515e54f63f7bedad090ceeb8-0.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
772082343a8afb4bc481b2e252b6e1249bfb97ae1ddfb40e5dbc638d4a5a9a18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 16:20:40 GMT
etag
70e5d3e6515e54f63f7bedad090ceeb8
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
14092
pubads_impl_2022033101.js
securepubads.g.doubleclick.net/gpt/ 		366 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022033101.js?cb=31066131
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
a58d46d853c21c8e11eb057aba26dbeeb32041b51a61d4e2c3adc86c09c08704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 16:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22316
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127477
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 08:37:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Apr 2023 16:22:02 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		301 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thetruedefender.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
454fd8e1f928c12f9950a1c30f29965c5fce9fb95735f3d3c6fb4349ec9c1bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148
x-xss-protection
0
expires
Mon, 04 Apr 2022 22:33:58 GMT
analytics.js
www.google-analytics.com/ Frame A928 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1752
date
Mon, 04 Apr 2022 22:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 00:04:46 GMT
analytics.js
www.google-analytics.com/ Frame 6E7F 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1752
date
Mon, 04 Apr 2022 22:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 00:04:46 GMT
analytics.js
www.google-analytics.com/ Frame FB78 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1752
date
Mon, 04 Apr 2022 22:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 00:04:46 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C740 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91341086&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1649111638245-943256073884-007731-002-005079%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:59 GMT
content-length
0
c5d26e53d9d3243a25799e2b768bfe1d-3.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame A4FA 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/c5d26e53d9d3243a25799e2b768bfe1d-3.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 16:20:40 GMT
etag
c5d26e53d9d3243a25799e2b768bfe1d
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
11468
analytics.js
www.google-analytics.com/ Frame A4FA 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1752
date
Mon, 04 Apr 2022 22:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 00:04:46 GMT
bridge3.509.0_en.html
imasdk.googleapis.com/js/core/ Frame 79EE 		632 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
244419
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209648
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 02:40:19 GMT
expires
Sun, 02 Apr 2023 02:40:19 GMT
last-modified
Sat, 02 Apr 2022 02:33:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame C41E 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Apr 2022 22:33:58 GMT
bridge3.509.0_en.html
imasdk.googleapis.com/js/core/ Frame 171E 		632 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
244419
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209648
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 02:40:19 GMT
expires
Sun, 02 Apr 2023 02:40:19 GMT
last-modified
Sat, 02 Apr 2022 02:33:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.509.0_en.html
imasdk.googleapis.com/js/core/ Frame 2940 		632 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
244419
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209648
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 02:40:19 GMT
expires
Sun, 02 Apr 2023 02:40:19 GMT
last-modified
Sat, 02 Apr 2022 02:33:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C41E 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thetruedefender.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 22:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5D62 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Apr 2022 22:52:12 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1AC3 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Apr 2022 22:52:12 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 525C 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Apr 2022 22:52:12 GMT
353cedeb2c2225270264f3e9ba7233b0-2.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame C9CD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/353cedeb2c2225270264f3e9ba7233b0-2.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:59 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 16:20:40 GMT
etag
353cedeb2c2225270264f3e9ba7233b0
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
12405
analytics.js
www.google-analytics.com/ Frame C9CD 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1753
date
Mon, 04 Apr 2022 22:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 00:04:46 GMT
353cedeb2c2225270264f3e9ba7233b0-2.png
dashboard.insticator.com/vassets/images/hotlink-ok/300x250/ Frame A69C 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.insticator.com/vassets/images/hotlink-ok/300x250/353cedeb2c2225270264f3e9ba7233b0-2.png
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.240.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-240-56.compute-1.amazonaws.com
Software
/
Resource Hash
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:59 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 16:20:40 GMT
etag
353cedeb2c2225270264f3e9ba7233b0
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
content-length
12405
analytics.js
www.google-analytics.com/ Frame A69C 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dashboard.insticator.com
URL: https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dashboard.insticator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1753
date
Mon, 04 Apr 2022 22:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 05 Apr 2022 00:04:46 GMT
371.json
id5-sync.com/g/v2/ 		213 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.205 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p28.id5-sync.com
Software
/
Resource Hash
ee02bda6b79afe3baee262f70c9c4ec750cad28d068e1f2834ef7dca3ef83e8b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Mon, 04 Apr 2022 22:33:58 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F1A5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=46590
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 22:33:59 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Apr 2022 11:30:29 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 01:46:21 GMT
x-content-type-options
nosniff
age
334058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Apr 2023 01:46:21 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 79EE 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_450&description_url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1167352377207247&sdkv=h.3.509.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=870912817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.509.0&sid=7111778E-CB36-4027-9C34-B5467C9DC30E&nel=0&eid=44726389%2C44758348%2C44761692&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&dlt=1649111637104&idt=1424&dt=1649111638688&cookie_enabled=1&scor=608544316556767&ged=ve4_td2_tt0_pd2_la2000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 171E 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=678248335394988&sdkv=h.3.509.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3422057204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.509.0&sid=7111778E-CB36-4027-9C34-B5467C9DC30E&nel=0&eid=44726389%2C44758348%2C44761692&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&dt=1649111638695&cookie_enabled=1&scor=1916479072420452&ged=ve4_td2_tt0_pd2_la2000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/ 		222 KB
223 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
dde6e238b723b4b0087572c65def8dd99ff0ab427f300fcf40feb9d678f72f00

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=350244-577911

Response headers

Date
Mon, 04 Apr 2022 22:33:59 GMT
Cache-Tag
324835619679708949136499145517287357224,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 350244-577911/1467716
Connection
keep-alive
Content-Length
227668
X-Served-By
cache-iad-kjyo7100114-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:26 GMT
Server
cloudinary
X-Timer
S1649108674.014251,VS0,VE81
ETag
"1955ffb25d705ebaf038446064a55d7b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554548
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
ads
pubads.g.doubleclick.net/gampad/ Frame 2940 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4127375900508554&sdkv=h.3.509.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2771103655&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.509.0&sid=7111778E-CB36-4027-9C34-B5467C9DC30E&nel=0&eid=44726389%2C44758348%2C44761692&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&dt=1649111638714&cookie_enabled=1&scor=3615319805629777&ged=ve4_td2_tt0_pd2_la2000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:33:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/ 		146 KB
146 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
66cc8a972ab5728f86e6cfd14b21f8f5ea5c208275e4aee4aead4a57c68746aa

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=577912-726995

Response headers

Date
Mon, 04 Apr 2022 22:33:59 GMT
Cache-Tag
324835619679708949136499145517287357224,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 577912-726995/1467716
Connection
keep-alive
Content-Length
149084
X-Served-By
cache-iad-kjyo7100114-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:26 GMT
Server
cloudinary
X-Timer
S1649108674.014251,VS0,VE81
ETag
"1955ffb25d705ebaf038446064a55d7b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554548
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/ 		154 KB
155 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
636a500736062b2babf0e0fe92ca7036cff372da42acc0222a3da9fc68007722

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=726996-885103

Response headers

Date
Mon, 04 Apr 2022 22:33:59 GMT
Cache-Tag
324835619679708949136499145517287357224,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 726996-885103/1467716
Connection
keep-alive
Content-Length
158108
X-Served-By
cache-iad-kjyo7100114-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:26 GMT
Server
cloudinary
X-Timer
S1649108674.014251,VS0,VE81
ETag
"1955ffb25d705ebaf038446064a55d7b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554548
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
css2
fonts.googleapis.com/ Frame 34A1 		4 KB
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
936c6cd15149f72e7ee2ac40f9be78726cd0a9e10054ec59ceee1ff805fccf07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://comment.instiengage.com/
Origin
https://comment.instiengage.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 21:46:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 22:34:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 22:34:00 GMT
css2
fonts.googleapis.com/ Frame 34A1 		4 KB
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
936c6cd15149f72e7ee2ac40f9be78726cd0a9e10054ec59ceee1ff805fccf07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 22:10:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 22:34:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 22:34:00 GMT
truncated
/ Frame 34A1 		721 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47f939d447b1f96bd45972df4f933992f168f2a4d34d981a225023cc0559f37b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 34A1 		836 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ea21fcaf145d663c5436dab743625556a2621d339a8e953eb5ea8c8ff7fc914

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 34A1 		948 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
014022dccb266835d8a7aed1c885397cd848b8e1ccdc9f5a268c01c0d5c41152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
vendors~app.js
comment.instiengage.com/live/comments/static/ Frame 34A1 		2 MB
364 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.instiengage.com/live/comments/static/vendors~app.js?v=0.0.72
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e088284dd39e89bb1337765d7537f2b277beb0fdc1d32755ded1c9657ff1914b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:00 GMT
content-encoding
br
cf-cache-status
HIT
age
280
cf-polished
origSize=1675367
requestid
79634617-dba6-4b43-b354-a5c2abfa40a4
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 29 Mar 2022 02:47:29 GMT
server
cloudflare
etag
W/"199067-17fd39235e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
6f6d82467aca0229-ZRH
cf-bgj
minify
app.js
static.instiengage.com/app-comments/ Frame 34A1
Redirect Chain
  • https://comment.instiengage.com/live/comments/static/app.js?v=0.0.72
  • https://static.instiengage.com/app-comments/app.js?v=0.0.72
321 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.instiengage.com/app-comments/app.js?v=0.0.72
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae
Protocol
H2
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb682a893698420b4fe1fc74a0d17a0f8d22437ce15aa7747e9442b7152549bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
CDgUPd.7kIUwQmu2B6c_j1JLwVA2tP5Q
content-encoding
br
last-modified
Tue, 29 Mar 2022 02:44:23 GMT
server
AmazonS3
age
81
etag
W/"69d81dadd6a546f480df5ff364dc408f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:32:40 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
JAzf-p0Z__wGcApbLjwpmvvTdaRnaiSUzFkC95VsjoU-lA2KYcYEPQ==

Redirect headers

date
Mon, 04 Apr 2022 22:34:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://static.instiengage.com/app-comments/app.js?v=0.0.72
cache-control
max-age=3600
cf-ray
6f6d82467acb0229-ZRH
expires
Mon, 04 Apr 2022 23:34:00 GMT
11%20-%20nature.svg
static.instiengage.com/avatars/ Frame 34A1 		1 KB
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/11%20-%20nature.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be6739f2f1ffcbb8eff0966af5deb524fa126bf4fa43c7691a6ad5f751544be3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
LkOPaySVOhkwNJwGLVG4R0Ba0ybI6BSk
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:32:01 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
W/"65564ce1462e5292a6d861ad365d56b2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:34:01 GMT
x-amz-cf-id
TDNrNdxtFWgClmt3E3__G54rhsNVsCpzh_ed2tp2uEL6KP10tfgrgA==
01%20-%20nature.svg
static.instiengage.com/avatars/ Frame 34A1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/01%20-%20nature.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7073c2ac41ea187279e52fd50ed532311190e33f5bc53115c0b0d5985bae6586

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
UCeLnOez402AyH0_JhslzDYSjoEa1cDf
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:26:12 GMT
server
AmazonS3
age
265
etag
W/"f639293bf9e65e0c9435585574eaefa6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:33:45 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
6ZgyYxtRb_8UAtLA0GxQ5uNTz_aulISS0Y1UjnHaRY_rnyDBxU_BJA==
06%20-%20space.svg
static.instiengage.com/avatars/ Frame 34A1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/06%20-%20space.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7336396c2e3333e50e903376898153f58ec73e122fe3414b7c03f446ba8e95af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
SCcbJ6op4k1Rq47qCPod23ae4knn.oMz
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:33:32 GMT
server
AmazonS3
age
111
etag
W/"ec349de7c0056e0939008d4f1d237cf9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:33:45 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
l2OQNCqkV_bf_rqInhkCH27B_9Ajjz6V4BeYf1cDTjSMhIZsGR9G_A==
truncated
/ Frame 34A1 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
229624ad9cd76da7a456326bfb601344e506ef08416fca467bbf5f2ac3f06948

Request headers

Referer
Origin
https://comment.instiengage.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v16/ Frame 34A1 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v16/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://comment.instiengage.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:34:56 GMT
x-content-type-options
nosniff
age
493144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:24:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 05:34:56 GMT
truncated
/ Frame 34A1 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4b3cc9023f3c8daabacc14c13478f50076e849e3657e31edb32b0fa70210f1f

Request headers

Referer
Origin
https://comment.instiengage.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
4.js
static.instiengage.com/app-comments/ Frame 34A1 		251 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.instiengage.com/app-comments/4.js
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/app.js?v=0.0.72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51ec1cb1a1588eaf47a2053f9726ce73950171eac1204df16076bbaf3940e793

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
ohXnCiPO9tcVqWePmJ0TRhfgqzSXK6Kr
content-encoding
br
last-modified
Tue, 29 Mar 2022 02:00:45 GMT
server
AmazonS3
age
8
etag
W/"1575dec235def8422e1f31afe03157f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:34:00 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
_HwcNaiggUIIqs7hYAybPdzCqfZep9lR1IzTh8wsSfyHt7fiMrPNAA==
5.js
static.instiengage.com/app-comments/ Frame 34A1 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.instiengage.com/app-comments/5.js
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/app.js?v=0.0.72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38a57dc461d704abe6fb6058a94ae7cf1edbee3b604265895d3869a71adcf417

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
Gf1hh6z2Wtvnmu315vlWIaxWtxShsdRL
content-encoding
br
last-modified
Tue, 29 Mar 2022 02:44:23 GMT
server
AmazonS3
age
40
etag
W/"e9951db8312e63cefdc78cab884403ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:33:33 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
DUaZdLtUTSpwHBYX914VTsH_mD2yBvLlG02Zf_SOOoc8OpMS7ePsvg==
page
comment.instiengage.com/live/community/api/ Frame DFA1 		45 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/loader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a1c5d267a63585e27e938e2d97319bd32a33ac2efe99000b7aca65c41145ac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
6f6d824a0e210229-ZRH
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 22:34:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
requestid
2eacf005-c3f6-4c15-a003-107dcfead6d6
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding Origin
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:34:00 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1649111639976&cid=6194c0f876cae755cd2701fa&VERSION=4.140.1&AV_PAGE_LOAD_UID=b680fb33-af8e-4157-b5e7-599c87bdb8df&AV_CDIM4=b680fb33-af8e-4157-b5e7-599c87bdb8df&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.223.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-223-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame 34A1 		942 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04b23695c5196ff9c1a5049ce1bddc19645a6403e1f94a68427ea893e460cf90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 34A1 		863 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39c8be8e8b2b7895d4da7ed4e0fa4d89cd8e200dbb5ee886bbb7d34fb90f4f46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 34A1 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
573f0be502559eb5ef349ede1ac802407cd2228da8e136ab2cce5d86b9d20f6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 34A1 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e82f7358ecdf8b9b7bd1ba09b899071aa026dd07192dee4bb1c3ad9c29b1cfd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 34A1 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4663fbcb6ece2376df5b0057eb81ef062d13997e5c556146e3eb2b0d918044f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 34A1 		855 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3da7daeb348e147594792a28e2766e204d3123c4dc79432c78fe654dcb26ced8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 34A1 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5b40ab15c9b4fd99052ca5af37ce22f2379f8d2722d8e64f41bb3dc5389c75d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 34A1 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a8a07129f0d6c3c3ec92530b2fb31362c48bc4b6058f8d784c5df763232a0fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 34A1 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd6de22bea23412c07dea5014cb261e95a237556c30b6f3ec0a032d787faf0c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
event
event.instiengage.com/v1/ Frame 34A1 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_commenting-unit-load-v2
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/vendors~app.js?v=0.0.72
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://comment.instiengage.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://comment.instiengage.com
date
Mon, 04 Apr 2022 22:34:00 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_commenting-unit-load-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://comment.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://comment.instiengage.com
access-control-max-age
3600
content-length
0
date
Mon, 04 Apr 2022 22:34:00 GMT
vary
Origin
event
event.instiengage.com/v1/ Frame 34A1 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_user-browser-v2
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/comments/static/vendors~app.js?v=0.0.72
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://comment.instiengage.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://comment.instiengage.com
date
Mon, 04 Apr 2022 22:34:00 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.instiengage.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.instiengage.com/v1/event?event_name=event_user-browser-v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.110.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-110-18.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://comment.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://comment.instiengage.com
access-control-max-age
3600
content-length
0
date
Mon, 04 Apr 2022 22:34:00 GMT
vary
Origin
css2
fonts.googleapis.com/ Frame DFA1 		4 KB
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
936c6cd15149f72e7ee2ac40f9be78726cd0a9e10054ec59ceee1ff805fccf07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://comment.instiengage.com/
Origin
https://comment.instiengage.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 22:34:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 22:34:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 22:34:00 GMT
css2
fonts.googleapis.com/ Frame DFA1 		4 KB
510 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
936c6cd15149f72e7ee2ac40f9be78726cd0a9e10054ec59ceee1ff805fccf07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 22:34:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 22:34:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 22:34:00 GMT
truncated
/ Frame DFA1 		2 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://comment.instiengage.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
11%20-%20nature.svg
static.instiengage.com/avatars/ Frame DFA1 		1 KB
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/11%20-%20nature.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be6739f2f1ffcbb8eff0966af5deb524fa126bf4fa43c7691a6ad5f751544be3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
LkOPaySVOhkwNJwGLVG4R0Ba0ybI6BSk
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:32:01 GMT
server
AmazonS3
age
0
etag
W/"65564ce1462e5292a6d861ad365d56b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:34:01 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
GbMfxEKXt9yD7TaYNEcp9ZZEGkHfpohzVqxmT7VZKJDLeQuB9bArTg==
04%20-%20space.svg
static.instiengage.com/avatars/ Frame DFA1 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/04%20-%20space.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccb94442ced44bab1c606689f92a064e20497f6ff44b0a78880d350ba824b2e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
pZ9uljAZlE4KT_ql4i5FQ9NY.aGR4hJG
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:34:16 GMT
server
AmazonS3
age
246
etag
W/"a85053bad77463b2b78e4fa1672ccc2d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:31:12 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
Nk44sag9VioD_MZph8MbuR-paalx_0e0nHKz4ZrjtYPmrkrXqapJiw==
05%20-%20nature.svg
static.instiengage.com/avatars/ Frame DFA1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/05%20-%20nature.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e595359e6b3bd7be6af4212593e1deb5315a6470dab88914e5a1e06247aea68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
oMwxPzwdsRxV3Bol8iU9Xr_wpN.duJdM
content-encoding
br
last-modified
Mon, 22 Nov 2021 12:34:09 GMT
server
AmazonS3
age
294
etag
W/"7fd3b6e31b24393b0be6e33fd6083b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:31:12 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
c9JGg6fl4iEcKGd6VSV5g1o0MBkivPMN5bcX_w5gugDdNw305x-kOA==
07%20-%20space.svg
static.instiengage.com/avatars/ Frame DFA1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/07%20-%20space.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c13be9d2e57fcd5a72964a0b7bf79a0f02734084cf6553d8f663cfea7ed2f732

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
VaEJoSpEmycRMJlgVpVIIPfp_vCEF9Mj
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:33:08 GMT
server
AmazonS3
age
167
etag
W/"69b4f152b04c0a5810a6f30473f7d717"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:31:14 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
UwUVlasBMunRqDUML0tErDk433p8HMhmPV3bDN1ke2rfGElYJNMc6w==
05%20-%20space.svg
static.instiengage.com/avatars/ Frame DFA1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/05%20-%20space.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42a55578322982b82f9092c0204cd4b08eb33e2b189180eb506c1e173a21a1fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
ZGYT9MEdcC5z54LKrWL_vF41..q06NjC
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:33:55 GMT
server
AmazonS3
age
255
etag
W/"54500ace9437912a3fad6a55ce3dddac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:33:47 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
ZRc29o6Lc00HCozDVSKnRENcPlwR4YKHYKwQn4oFIKBfi63bAhPo4Q==
01%20-%20nature.svg
static.instiengage.com/avatars/ Frame DFA1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/01%20-%20nature.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7073c2ac41ea187279e52fd50ed532311190e33f5bc53115c0b0d5985bae6586

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
UCeLnOez402AyH0_JhslzDYSjoEa1cDf
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:26:12 GMT
server
AmazonS3
age
265
etag
W/"f639293bf9e65e0c9435585574eaefa6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:33:45 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
ZrYCiy_7CbRlZIEpP6IF2G1nbaY4z0qe_sln4Ldan6ZMio6K6iT0mg==
07%20-%20nature.svg
static.instiengage.com/avatars/ Frame DFA1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/07%20-%20nature.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3d29b18490bffdd97e70aa7b69024cf8c7c445aca59d852cadb8dab800a3a3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
eTwpbWi9LFXwjBz_zkiYbV8taRHpHn3z
content-encoding
br
last-modified
Mon, 22 Nov 2021 12:33:24 GMT
server
AmazonS3
age
13
etag
W/"01446ef2a5506aad2e06e0c994469dcc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:33:48 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
OBMwF0NmIQR6drbgyqYwBf4FWTQmA-bIaiGbvNW6QfpFV9QdijD3vQ==
02%20-%20nature.svg
static.instiengage.com/avatars/ Frame DFA1 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/avatars/02%20-%20nature.svg
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c84dffa4e3388c57f6fe2d4786d9c31daa05ac090d60c0fbafee3b35bc1fe268

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
ZDftkcAKm9GE_V.s8qKbWcbQ5mCEENNr
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 12:35:09 GMT
server
AmazonS3
age
294
etag
W/"790cc6e02700871f9285a04e7c74a0c5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:30:54 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
rmPGiNt7rkBkGj7jllCY-yJxSbu24m3a_qInf21bnCIDIsPCsIYKiQ==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v16/ Frame DFA1 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v16/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://comment.instiengage.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:34:56 GMT
x-content-type-options
nosniff
age
493144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48480
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:24:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 05:34:56 GMT
vendor.dll.js
comment.instiengage.com/live/vendor/ Frame DFA1 		653 KB
207 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comment.instiengage.com/live/vendor/vendor.dll.js?v=^3.0.3-beta.1
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7245256dd1c75be9ff7a76a63f1c31874e5263e8b29b083fad5ec2891f29107d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Mar 2022 02:20:00 GMT
server
cloudflare
age
279
etag
W/"623d26d0-a3849"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-polished
origSize=669769
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
6f6d824b9f7f0229-ZRH
cf-bgj
minify
app.js
static.instiengage.com/app-community/ Frame DFA1
Redirect Chain
  • https://comment.instiengage.com/live/community/static/app.js?v=0.0.42
  • https://static.instiengage.com/app-community/app.js?v=0.0.42
1 MB
304 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.instiengage.com/app-community/app.js?v=0.0.42
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e920ae4bb1b402c4ad9d31bd5c6ecb65277f6020eb801fb3441b94d87e53f917

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
2nfszabQ94imn_WrqmX23_Y8oBdMWAeA
content-encoding
br
last-modified
Tue, 29 Mar 2022 02:44:24 GMT
server
AmazonS3
age
8
etag
W/"f0469d36d1de807d66ec18665b4f588e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
date
Mon, 04 Apr 2022 22:34:00 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
EZIyBHDDoMZ7N_1Y3m503PjVbJvc8kTyGiBpxOXZ1r8KhzkvFPH3TA==

Redirect headers

date
Mon, 04 Apr 2022 22:34:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://static.instiengage.com/app-community/app.js?v=0.0.42
cache-control
max-age=3600
cf-ray
6f6d824b9f800229-ZRH
expires
Mon, 04 Apr 2022 23:34:00 GMT
b53c432321728e151a48bbc48acda4ac
static.instiengage.com/comments-service/theadImages/da433b6f-da8b-48a9-a735-7373e57d2199/ddfd7fcf-4513-417b-9cda-24504ed0905f/ Frame DFA1 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/da433b6f-da8b-48a9-a735-7373e57d2199/ddfd7fcf-4513-417b-9cda-24504ed0905f/b53c432321728e151a48bbc48acda4ac
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e8845b90125e78d8fa84f8c4c78c30789c0d00703387b1cbfda3cdf687c5a8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
AEloaxFRjAdKUpXyeX0OKPudgG2wEQIw
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Fri, 26 Nov 2021 14:13:23 GMT
server
AmazonS3
age
245
etag
"3c22dce11b0dd479b25fff53781a189a"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Mon, 04 Apr 2022 22:33:48 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
20468
x-amz-cf-id
5uvV4a3kFR-LsNvjao09QzHH6nIcItTuWe83JSUEhUKfbdn-4eNGrg==
240f13da0ef4853e8930645a47e9fbdb
static.instiengage.com/comments-service/theadImages/da433b6f-da8b-48a9-a735-7373e57d2199/cd8c9958-457f-4a39-bb2f-328bcbecd15c/ Frame DFA1 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/da433b6f-da8b-48a9-a735-7373e57d2199/cd8c9958-457f-4a39-bb2f-328bcbecd15c/240f13da0ef4853e8930645a47e9fbdb
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec081d69e074278a6e06d15954db9b07e7a6419388e9bc82aabf66161e64b02f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
kazzj6Y1YVH.wxFzaNxjLpxymZhzA7Uf
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Mon, 13 Dec 2021 00:26:32 GMT
server
AmazonS3
age
245
etag
"f16ec2e66ecf394e70ac9a7c5a3e8402"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Mon, 04 Apr 2022 22:31:14 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
43520
x-amz-cf-id
TWclaTj80sUsjzomSRiKhEyc2LjbupXzQQIBvb0y8-dMvgZK2wlzuA==
01282a1d0a719a3726456e0d3347bd96
static.instiengage.com/comments-service/theadImages/da433b6f-da8b-48a9-a735-7373e57d2199/7e813d12-74e5-4935-bddc-c0f3142a1d93/ Frame DFA1 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/da433b6f-da8b-48a9-a735-7373e57d2199/7e813d12-74e5-4935-bddc-c0f3142a1d93/01282a1d0a719a3726456e0d3347bd96
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb8984b2c492438738712e3ac335feece4640008318654cbe35ac9ad06c41ea2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
QLVFRG8XjQiXLocAbOLK3_GGSslGRW7J
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Fri, 03 Dec 2021 01:12:00 GMT
server
AmazonS3
age
245
etag
"abd6b16e88b49f4ebbc3184a23caa9ab"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Mon, 04 Apr 2022 22:31:14 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
42591
x-amz-cf-id
vldysrvFDWfwRdT6JGVYBCF6pu26cGmoQbNvdTeLGN_ShcZPdIa35g==
110affb91fa0a40bc682c29bdac55e9c
static.instiengage.com/comments-service/theadImages/da433b6f-da8b-48a9-a735-7373e57d2199/0dfbb468-3a48-4b90-8e1a-d188e1a365d5/ Frame DFA1 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/da433b6f-da8b-48a9-a735-7373e57d2199/0dfbb468-3a48-4b90-8e1a-d188e1a365d5/110affb91fa0a40bc682c29bdac55e9c
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c6e89a4c4ad08df20576cd277d1cbf439b5ed91e17ccaf7d14d1eb5d27617fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
ANnFHdgLz7Z6HmtHlJJiqHM0dN8MUfEG
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Fri, 26 Nov 2021 13:17:27 GMT
server
AmazonS3
age
245
etag
"d61f6bbda09956cabfe8ad283a764eff"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Mon, 04 Apr 2022 22:33:48 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
31426
x-amz-cf-id
pg7aPq2Rv0VIYJD6BVvcNHXRsAjmMZqiVNWy6bjwcwPthayGw0LYyg==
7f7f771f2b2291a12af5b79fe54f3106
static.instiengage.com/comments-service/theadImages/da433b6f-da8b-48a9-a735-7373e57d2199/181f2e43-1a76-43c1-86de-54d1c36d3496/ Frame DFA1 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.instiengage.com/comments-service/theadImages/da433b6f-da8b-48a9-a735-7373e57d2199/181f2e43-1a76-43c1-86de-54d1c36d3496/7f7f771f2b2291a12af5b79fe54f3106
Requested by
Host: comment.instiengage.com
URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4400:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c5ea8c663b65d9c0a9cffc32558b896881d27aefb0cf2acbb213a554bfa8302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comment.instiengage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
V7WMDPon9N_nkJ.EzTuBrpTq93YCx09B
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
last-modified
Sat, 04 Dec 2021 17:56:23 GMT
server
AmazonS3
age
245
etag
"cc782038eaa1d579038def40731e843a"
x-cache
Hit from cloudfront
content-type
image/jpeg
date
Mon, 04 Apr 2022 22:33:48 GMT
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
37452
x-amz-cf-id
FMH-iFSvxZzuPFJuFBmKQOa2zLz1OO5K4SXPHaUfXk62QCoIFYlLlw==
369.json
id5-sync.com/g/v2/ 		213 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.205 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p28.id5-sync.com
Software
/
Resource Hash
ab7a503a470dec5a0a38adba6d3808c1bece79f94de3733d9dca78be167bcdae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://thetruedefender.com
Date
Mon, 04 Apr 2022 22:34:00 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
sync.html
cdn.aralego.net/ucfad/cookie/ Frame BA2B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
age
6000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
6f6d825059db0f76-MXP
content-encoding
br
content-type
text/html
date
Mon, 04 Apr 2022 22:34:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B2z3Qu3WrJMYOKWwNSbOx0wGnbVdMVbLbWCWZtLKPUtyJRhtHgT%2BQ%2Fl9FkVmDlhzB4qrQd23QzAdNZ6o80S8dndory4UK1wd3ZkY5oNNDKoZNyqN1xVdfY9hNVjSr0Duvzw9kCb8adM2vr17%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 9D7A 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
42ae9e43ac798158a21518fd66207f78421084d000589dcfe5f57f93240a9867

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1486
Content-Type
text/html
Date
Mon, 04 Apr 2022 22:34:01 GMT
Dropped-Udsids
73|46|4|206|152|111|221|123
Expires
Mon, 04 Apr 2022 22:34:01 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
async_usersync.html
acdn.adnxs.com/dmp/ Frame 292D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
61179
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Apr 2022 22:34:01 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 01 Apr 2022 05:34:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 1116677
X-Served-By
cache-lga21970-LGA, cache-hhn4059-HHN
X-Timer
S1649111642.633044,VS0,VE0
beacon
ap.lijit.com/ Frame AB05 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406715
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Mon, 04 Apr 2022 22:34:01 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ams1
/
onetag-sys.com/usync/ Frame 9DC3 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1649111635502
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
2b9d395f79fd97a5
sync.e-planning.net/uspd/1/ Frame 9FA3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
cb5f3898c937f889ac8740e9bac30d9c702ad927f1ebd4b83c8b4d9e47bb7949

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 04 Apr 2022 22:34:01 GMT
expires
Mon, 04 Apr 2022 22:34:01 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-603
check.html
biddr.brealtime.com/ Frame 9892 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Age
4509
CF-Cache-Status
HIT
CF-RAY
6f6d82508d7e3bb6-CDG
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 04 Apr 2022 22:34:01 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Mon, 04 Apr 2022 23:34:01 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
64a2/mMiEAEcE6A0Bt+2Erlf5G8/Vr6F+aKm35SudGm/mhDDMsfdh3kdR47hqOgX9Nj5IT4Nh94=
x-amz-request-id
WMCZ1XWCTS57FSV5
/
spl.zeotap.com/ Frame 820A 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c3dd0a51f1693c7e1e71046ac12717a4c00aee994ea691f1c93d2c95709290

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://thetruedefender.com
cf-cache-status
DYNAMIC
cf-ray
6f6d8250595401fc-ZRH
content-encoding
br
content-type
text/html
date
Mon, 04 Apr 2022 22:34:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
rubicon
ex.ingage.tech/v1/syncPage/ Frame F547 		951 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=f80a0650-9f32-4810-a791-ad2eb56e62d3&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
6f6d825029860208-ZRH
content-encoding
gzip
content-type
text/html
date
Mon, 04 Apr 2022 22:34:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
ps
ssc-cms.33across.com/ Frame 3A72 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps?m=xch&rt=html&id=0010b00001rrPUnAAM&ru=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2F33across%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D33XUSERID33X
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
server
33XP001
x-33x-status
2000208
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C6D1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=46588
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 22:34:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Apr 2022 11:30:29 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 08B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bAsyo8U7Or6PeLaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
server
33XP003
x-33x-status
2000208
/
onetag-sys.com/usync/ Frame 4035 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5649f68000b2f63&gdpr_consent=%7Cf80a0650-9f32-4810-a791-ad2eb56e62d3&gdpr=0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 2750 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/bb28d960-28c3-46bc-ac88-49bbb3388212.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
server
33XP001
x-33x-status
2000208
services
sync.technoratimedia.com/ 		0
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=90&uid=f80a0650-9f32-4810-a791-ad2eb56e62d3&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsynacor%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%5BUSER_ID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.63.138 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
791151989
access-control-allow-origin
https://thetruedefender.com/
access-control-allow-credentials
true
f80a0650-9f32-4810-a791-ad2eb56e62d3
ex.ingage.tech/v1/sync/acuityads/
Redirect Chain
  • https://cs.admanmedia.com/sync/insticator_ssp?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Facuityads%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%7B%24UID%7D
  • https://ex.ingage.tech/v1/sync/acuityads/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=44d17cb904af046e2d709ec8e7a82e43925731c8
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/acuityads/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=44d17cb904af046e2d709ec8e7a82e43925731c8
Protocol
H2
Server
2606:4700:10::ac43:efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6f6d82525b590208-ZRH

Redirect headers

Location
https://ex.ingage.tech/v1/sync/acuityads/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=44d17cb904af046e2d709ec8e7a82e43925731c8
Date
Mon, 04 Apr 2022 22:34:01 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
f80a0650-9f32-4810-a791-ad2eb56e62d3
ex.ingage.tech/v1/sync/bidswitch/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=insticator&custom_data=f80a0650-9f32-4810-a791-ad2eb56e62d3
  • https://x.bidswitch.net/ul_cb/sync?ssp=insticator&custom_data=f80a0650-9f32-4810-a791-ad2eb56e62d3
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dinsti...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=ae4b42bd391840af856b4b83e5d5e34b&ssp=insticator&bsw_param=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ex.ingage.tech/v1/sync/bidswitch/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=&gdpr_consent=&us_privacy=
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/bidswitch/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
2606:4700:10::ac43:efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6f6d8252abb30208-ZRH

Redirect headers

Location
//ex.ingage.tech/v1/sync/bidswitch/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Apr 2022 22:34:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsovrn%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Apr 2022 22:34:01 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usa
sync.go.sonobi.com/ 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fsonobi%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:01 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
f80a0650-9f32-4810-a791-ad2eb56e62d3
ex.ingage.tech/v1/sync/amx/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Famx%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
  • https://ex.ingage.tech/v1/sync/amx/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=eefe903e-f547-4e12-b160-93eb795c363e&gdpr=0
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/amx/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=eefe903e-f547-4e12-b160-93eb795c363e&gdpr=0
Protocol
H2
Server
2606:4700:10::ac43:efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6f6d82511a380208-ZRH

Redirect headers

location
https://ex.ingage.tech/v1/sync/amx/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=eefe903e-f547-4e12-b160-93eb795c363e&gdpr=0
date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
f80a0650-9f32-4810-a791-ad2eb56e62d3
ex.ingage.tech/v1/sync/yahoo/
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/yahoo?userId=f80a0650-9f32-4810-a791-ad2eb56e62d3&to=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58602%2Focc
  • https://ups.analytics.yahoo.com/ups/58602/occ
  • https://ups.analytics.yahoo.com/ups/58602/occ?verify=true
  • https://ex.ingage.tech/v1/syncPage/yahoo?uid=y-aoUABRxE2uE7SvKRMbdozmhrgSqpLXP_6NiOX1M-~A
  • https://ex.ingage.tech/v1/sync/yahoo/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=y-aoUABRxE2uE7SvKRMbdozmhrgSqpLXP_6NiOX1M-~A
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/yahoo/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=y-aoUABRxE2uE7SvKRMbdozmhrgSqpLXP_6NiOX1M-~A
Protocol
H2
Server
2606:4700:10::ac43:efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=1296000
access-control-allow-credentials
true
cf-ray
6f6d8252cbdc0208-ZRH

Redirect headers

date
Mon, 04 Apr 2022 22:34:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
location
/v1/sync/yahoo/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=y-aoUABRxE2uE7SvKRMbdozmhrgSqpLXP_6NiOX1M-~A
access-control-allow-credentials
true
cf-ray
6f6d8251fae50208-ZRH
content-length
0
pixelSync
pixel.sitescout.com/dmp/ Frame 9FA3 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D16c709670005682a
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 9FA3 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D16c709670005682a%26uid%3D%24%7BUID%7D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
lre9o1gjd9tfu6j50aq69b022kv3arbq
ptag
a.audrte.com/ Frame 9FA3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
5cdc95d6d39476ca28f815477ec8b4f864c940703df672569fc3b42081da1e3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1680
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 9FA3 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 03 Apr 2027 22:34:01 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 9FA3
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D16c709670005682a
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fsync.e-planning.net%2F
date
Mon, 04 Apr 2022 22:34:01 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 9FA3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D16c709670005682a%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=16c709670005682a&uid=4561750498577447606
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=16c709670005682a&uid=4561750498577447606
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:01 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
57597b53-4449-401a-b82e-9dec18c5eeb2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=16c709670005682a&uid=4561750498577447606
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 292D 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:01 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d4ea7acf-33b4-4ad8-8cb5-23b1575dcc28
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
ib.adnxs.com/ Frame 820A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 820A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=dd6f97d6-002e-46f5-ba40-ab50e5822bd9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=dd6f97d6-002e-46f5-ba40-ab50e5822bd9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d8251fab101fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=dd6f97d6-002e-46f5-ba40-ab50e5822bd9&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 820A 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De...
  • https://mwzeom.zeotap.com/mw?cid=b8eb005d-f98a-429e-9a28-2eca98b7a02c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=b8eb005d-f98a-429e-9a28-2eca98b7a02c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d8251da9801fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=b8eb005d-f98a-429e-9a28-2eca98b7a02c&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 820A 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms
24
date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1649111642.868869,VS0,VE24
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6955-MXP
u
dmp.v.fwmrm.net/ad/ Frame 820A 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f02:363e:3490:f8eb:b263 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 820A 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2daaf28-cf87-4bc6-7afb-3bddac0b1aa2%26reqId%3De33d3ca6-ced1-4104-72f2-4cad43ec9374%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=660265f8-7c2e-45f1-9e66-2f0d66fb8da9&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=660265f8-7c2e-45f1-9e66-2f0d66fb8da9&zpartnerid=317&gdpr=1&gdpr_consent=
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d8252db9101fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:02 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=660265f8-7c2e-45f1-9e66-2f0d66fb8da9&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=90028394726646917450871788997285788326&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=90028394726646917450871788997285788326&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d8252cb7d01fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcscanary-prod-irl1-1-v035-0e67bfa71.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
YOJ3izEtQpw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=90028394726646917450871788997285788326&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 820A 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022040500-27977-0.216226001649111621-6dacf9bac3d1baf0ff8c0a5f482a0f9c&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022040500-27977-0.216226001649111621-6dacf9bac3d1baf0ff8c0a5f482a0f9c&zdid=533&env=mWeb
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d82523af001fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022040500-27977-0.216226001649111621-6dacf9bac3d1baf0ff8c0a5f482a0f9c&zdid=533&env=mWeb
Date
Mon, 04 Apr 2022 22:33:41 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7082880565563226266&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7082880565563226266&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d8251da9a01fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7082880565563226266&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Date
Mon, 04 Apr 2022 22:34:01 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 820A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2
date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=pbqzVOhQrmZbf9vbFBoz2e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-41...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=pbqzVOhQrmZbf9vbFBoz2e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d82529b5101fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
last-modified
Mon, 04 Apr 2022 22:34:01 GMT
server
nginx/1.18.0
location
https://mwzeom.zeotap.com/mw?webouuid=pbqzVOhQrmZbf9vbFBoz2e&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 820A 		36 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.80 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-length
36
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=fb9d6148be821578bfae6bf32c420898&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ce...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=fb9d6148be821578bfae6bf32c420898&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d82526b1a01fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=fb9d6148be821578bfae6bf32c420898&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
cache-control
no-cache
x-server
10.45.9.40
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-YWCkir5E2opqsiLzi74rMvUBTWvm.nO3oQ--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-YWCkir5E2opqsiLzi74rMvUBTWvm.nO3oQ--~A&zpartnerid=570&env=mWeb
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d8252eba801fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 04 Apr 2022 22:34:02 GMT
via
http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-YWCkir5E2opqsiLzi74rMvUBTWvm.nO3oQ--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5BYANHpBhdxrKdY8ddfrYbG9vqsuQsRd%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5BYANHpBhdxrKdY8ddfrYbG9vqsuQsRd%2BS41iYitP1U%3D
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d8252ab6601fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:02 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=5BYANHpBhdxrKdY8ddfrYbG9vqsuQsRd%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usermatch.gif
beacon.krxd.net/ Frame 820A 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.247.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-247-247.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1649111642
x-served-by
beacon-n010-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 820A 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YktyVgASWkuzKABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4ca...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YktyVgASWkuzKABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d82524af801fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1649111642.817516,VS0,VE89
x-served-by
cache-hhn4058-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YktyVgASWkuzKABH&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=a531624b-725a-4c00-918c-7e97be19413b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a531624b-725a-4c00-918c-7e97be19413b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d82541cbe01fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
MT3 4320 2f2dfe5 master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=a531624b-725a-4c00-918c-7e97be19413b&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 04 Apr 2022 22:34:01 GMT
usermatch.gif
beacon.krxd.net/ Frame 820A
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec...
0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Protocol
H2
Server
52.215.247.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-247-247.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1649111642
x-served-by
beacon-n003-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
date
Mon, 04 Apr 2022 22:34:02 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a013-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 820A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7af...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7af...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361&dcc=t
Protocol
HTTP/1.1
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CE8EEQ3VGZ04VHTMGG9B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2V0BH845SRBXD010AACM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 820A 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 820A
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2d...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d82531bdf01fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
date
Mon, 04 Apr 2022 22:34:02 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 820A 		557 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c178ffbcb1390babbb89606e256ee6f4a296cf6af1c19ad74538077715ca873

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-ray
6f6d82515a2001fc-ZRH
date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9D7A 		43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8032:ea84:336c:262b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame 9D7A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 9D7A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3527854499195768663
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3527854499195768663
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 22:34:01 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3527854499195768663
pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ups.analytics.yahoo.com/ups/55940/ Frame 9D7A 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 9D7A
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f035df18-8a5b-4be0-ab93-b3510091b5b2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f035df18-8a5b-4be0-ab93-b3510091b5b2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 22:34:02 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f035df18-8a5b-4be0-ab93-b3510091b5b2
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 9D7A 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
qmap
sync.crwdcntrl.net/ Frame 9D7A
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YktyVpZBRnjg0Bbiom4IrAAA%261158&gdpr=1&gdpr_consent=&us_privacy=
  • https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YktyVpZBRnjg0Bbiom4IrAAA%261158&gdpr=1&gdpr_consent=&us_privacy=&ct=y
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YktyVpZBRnjg0Bbiom4IrAAA%261158&gdpr=1&gdpr_consent=&us_privacy=&ct=y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Protocol
H2
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.27.73
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YktyVpZBRnjg0Bbiom4IrAAA%261158&gdpr=1&gdpr_consent=&us_privacy=&ct=y
cache-control
no-cache
x-server
10.45.26.134
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 9D7A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vVRBRK0NT2xMwyPpKSCS_MEbDiw
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vVRBRK0NT2xMwyPpKSCS_MEbDiw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 22:34:02 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=vVRBRK0NT2xMwyPpKSCS_MEbDiw
Date
Mon, 04 Apr 2022 22:34:02 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
f80a0650-9f32-4810-a791-ad2eb56e62d3
ex.ingage.tech/v1/sync/ix/ Frame 9D7A 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-ray
6f6d82517a6f0208-ZRH
usync.html
eus.rubiconproject.com/ Frame 546C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Apr 2022 22:34:01 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Apr 2022 22:34:01 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9B18 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D16c709670005682a%26uid%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=46588
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 22:34:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 05 Apr 2022 11:30:29 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame ED41 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D16c709670005682a%26uid%3D
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1e3dbf22ec653d6007e2790ffc97cc378f5f8b920bf3c76c50016551dca94c8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1637
Content-Type
text/html
Date
Mon, 04 Apr 2022 22:34:01 GMT
Dropped-Udsids
3|65|81|64|39|241|13|196
Expires
Mon, 04 Apr 2022 22:34:01 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame A72E 		1 KB
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Mon, 04 Apr 2022 22:34:02 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922213
x-cf1
29080:dA.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 576E 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 3401 		530 B
803 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
178ccd7a75136917b732bb9c96be9647d45503641869806bbf5ede7695dfe770

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://sync.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
6f6d82514a0e01fc-ZRH
content-encoding
br
content-type
text/html
date
Mon, 04 Apr 2022 22:34:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
sync
odr.mookie1.com/t/v2/ Frame BA2B
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a6d1eea6-c987-4a3f-ad57-d462b8d19818?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JE6fw6VE2oWSv3QPTP3rbx8eB.v9BHKHOWuKcP0-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=b8eb005d-f98a-429e-9a28-2eca98b7a02c
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/a6d1eea6-c987-4a3f-ad57-d462b8d19818?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-JE6fw6VE2oWSv3QPTP3rbx8eB.v9BHKHOWuKcP0-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=b8eb005d-f98a-429e-9a28-2eca98b7a02c
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a6d1eea6-c987-4a3f-ad57-d462b8d19818&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=8fa858c4-3ead-4827-bd8e-a20205159fb9&google_hm=OGZhODU4YzQtM2VhZC00ODI3LWJkOGUtYTIwMjA1MTU5ZmI5
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEI-zOwS52Ky4853t4SjDikI&google_cver=1&ssp=ucfunnel&bsw_param=8fa858c4-3ead-4827-bd8e-a20205159fb9
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=8fa858c4-3ead-4827-bd8e-a20205159fb9
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=b8eb005d-f98a-429e-9a28-2eca98b7a02c
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=a6d1eea6-c987-4a3f-ad57-d462b8d19818&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8fa858c4-3ead-4827-bd8e-a20205159fb9&ssp=ucfunnel&gdpr=0&gdpr_consent=
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8fa858c4-3ead-4827-bd8e-a20205159fb9&ssp=ucfunnel&gdpr=0&gdpr_consent=
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
H2
Server
34.98.67.61 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8fa858c4-3ead-4827-bd8e-a20205159fb9&ssp=ucfunnel&gdpr=0&gdpr_consent=
Date
Mon, 04 Apr 2022 22:34:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C6D1 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68723229&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
168cb6d635247ff4aae2a0381bae3483c3c22c93c298219996ac1f93eb50cde5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:00 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.html
eus.rubiconproject.com/ Frame F547
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=f80a0650-9f32-4810-a791-ad2eb56e62d3&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=f80a0650-9f32-4810-a791-ad2eb56e62d3&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Apr 2022 22:34:01 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Apr 2022 22:34:01 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 546C 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b7781f6fa62c80c336671d895754a77ce8d0f5e9fe30e0b1f40d08c66261408b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:34:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53415
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Tue, 05 Apr 2022 13:24:16 GMT
crum
dsum-sec.casalemedia.com/ Frame ED41
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=30e7624b-7259-4d00-bf87-79838231cfba&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=30e7624b-7259-4d00-bf87-79838231cfba&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D16c709670005682a%26uid%3D
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 22:34:02 GMT

Redirect headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
MT3 4320 2f2dfe5 master zrh-pixel-x2 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=30e7624b-7259-4d00-bf87-79838231cfba&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Apr 2022 22:34:01 GMT
rum
dsum.casalemedia.com/ Frame ED41
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649198041&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649198041&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D16c709670005682a%26uid%3D
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 04 Apr 2022 22:34:02 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1649198041&gdpr=1
pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame ED41
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=V3N2_VZzd6ZMJCf5UXdvrlF5IP5Mcyf-WXHZ-WJf
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=V3N2_VZzd6ZMJCf5UXdvrlF5IP5Mcyf-WXHZ-WJf
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D16c709670005682a%26uid%3D
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 22:34:02 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=V3N2_VZzd6ZMJCf5UXdvrlF5IP5Mcyf-WXHZ-WJf
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame ED41 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D16c709670005682a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
casale
match.adsrvr.org/track/cmf/ Frame ED41 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D16c709670005682a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame ED41
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D16c709670005682a%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WEKE4FNTCY4VWYG8AW5V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6GZHJMASDWY3Q0FN8HX4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YktyVpZBRnjg0Bbiom4IrAAABIYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame ED41
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D16c709670005682a%26uid%3D
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 Apr 2022 22:34:02 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Mon, 04 Apr 2022 22:34:02 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
crum
dsum-sec.casalemedia.com/ Frame ED41
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D16c709670005682a%26uid%3D
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 04 Apr 2022 22:34:02 GMT

Redirect headers

date
Mon, 04 Apr 2022 22:34:02 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
um
u-ams02.e-planning.net/ Frame ED41 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=16c709670005682a&uid=YktyVpZBRnjg0Bbiom4IrAAA%261158
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D16c709670005682a%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
server
openresty
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 3401
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df2d...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=438f8644-d869-422d-69ee-936ab5554f2d&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=438f8644-d869-422d-69ee-936ab5554f2d&zdid=1361
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6f6d8252db8b01fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=438f8644-d869-422d-69ee-936ab5554f2d&zdid=1361
date
Mon, 04 Apr 2022 22:34:02 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 3401 		557 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=438f8644-d869-422d-69ee-936ab5554f2d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f66dedb80bcab1bb1720527fd58ad2eb9b0b72f1c1a2080476cdaf165835f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-ray
6f6d8251eaa601fc-ZRH
date
Mon, 04 Apr 2022 22:34:01 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
usync.js
eus.rubiconproject.com/ Frame F547 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b7781f6fa62c80c336671d895754a77ce8d0f5e9fe30e0b1f40d08c66261408b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:34:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53415
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9541
Expires
Tue, 05 Apr 2022 13:24:16 GMT
cmp
spl.zeotap.com/ Frame 820A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
6f6d8251eaa801fc-ZRH
date
Mon, 04 Apr 2022 22:34:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
match
c1.adform.net/serving/cookie/ Frame C361
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=A1295F5F-02C9-4604-9366-45002358F767
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A1295F5F-02C9-4604-9366-45002358F767
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A1295F5F-02C9-4604-9366-45002358F767
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 04 Apr 2022 22:34:01 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Mon, 04 Apr 2022 22:34:01 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A1295F5F-02C9-4604-9366-45002358F767
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 13C7
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8031219224026110045
42 B
365 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8031219224026110045
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Apr 2022 20:54:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug005:0:278

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8031219224026110045
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame E33A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:49d7624b-7259-4600-b959-966676ca4e53&gdpr=0&gdpr_consent=
42 B
499 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:49d7624b-7259-4600-b959-966676ca4e53&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Apr 2022 22:34:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug020:0:339

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 04 Apr 2022 22:34:02 GMT
Expires
Mon, 04 Apr 2022 22:34:01 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4320 2f2dfe5 master zrh-pixel-x15 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:49d7624b-7259-4600-b959-966676ca4e53&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 9008 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 04 Apr 2022 22:34:01 GMT
expires
Mon, 04 Apr 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
877863
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame C208
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7082880565563226266
42 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7082880565563226266
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Apr 2022 22:34:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug019:0:581

Redirect headers

Connection
keep-alive
Date
Mon, 04 Apr 2022 22:34:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7082880565563226266
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 21C4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YktyVgASWkuzKABH&gdpr=0&gdpr_consent=
1 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YktyVgASWkuzKABH&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 17:57:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug0025:0:436

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 04 Apr 2022 22:34:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YktyVgASWkuzKABH&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4058-HHN
x-timer
S1649111642.923747,VS0,VE0
Pug
simage2.pubmatic.com/AdServer/ Frame 8E92
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 22:34:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug008:2:380

Redirect headers

content-length
0
date
Mon, 04 Apr 2022 22:34:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
redir
rtb-csync.smartadserver.com/ Frame 03F1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDRFJFN0VsdVVBQURXZjJQWk1zUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACDRE7EluUAADWf2PZMsQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACDRE7EluUAADWf2PZMsQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACDRE7EluUAADWf2PZMsQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACDRE7EluUAADWf2PZMsQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Apr 2022 22:34:02 GMT
transfer-encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
nginx
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACDRE7EluUAADWf2PZMsQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 98CF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=upkfSp34RpVekGFYlSdXh8EbDiw
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=upkfSp34RpVekGFYlSdXh8EbDiw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Apr 2022 22:34:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug013:0:394

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Apr 2022 22:34:02 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=upkfSp34RpVekGFYlSdXh8EbDiw
i.match
s.tribalfusion.com/z/ Frame 2B75
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6f6d8253bddccc36-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 04 Apr 2022 22:34:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6f6d82526d11cc36-ZRH
content-type
text/html
date
Mon, 04 Apr 2022 22:34:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
13445
pub
matching.truffle.bid/sync/ Frame A216 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.212.181 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.181.212.90.157.clients.your-server.de
Software
nginx/1.19.10 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Apr 2022 22:34:01 GMT
Server
nginx/1.19.10
Strict-Transport-Security
max-age=15768000
Pug
image2.pubmatic.com/AdServer/ Frame A368
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=L0pbRrn6WoIdFjOqnO0wYl7K
42 B
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=L0pbRrn6WoIdFjOqnO0wYl7K
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Apr 2022 22:34:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sfopug022:0:383

Redirect headers

content-length
0
date
Mon, 04 Apr 2022 22:34:01 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=L0pbRrn6WoIdFjOqnO0wYl7K
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
cookiesync
core.iprom.net/ Frame 6405 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Apr 2022 22:34:02 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-ab018f734942@version_1.406
X-core-time
1ms
X-server-arch
v2
bridge
cm.adgrx.com/ Frame F1C5 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Apr 2022 22:34:02 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-6
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame 337D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1649111641991
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Apr 2022 22:34:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug005:0:485

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 04 Apr 2022 22:34:02 GMT
etag
OPTOUT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
server
Tengine
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame EAB7
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e13032f3-b54a-4bfc-9747-64898995a261-tuct944f7d9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e13032f3-b54a-4bfc-9747-64898995a261-tuct944f7d9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
content-length
0
date
Mon, 04 Apr 2022 22:34:02 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-cdg20740-CDG
x-timer
S1649111642.044240,VS0,VE10

Redirect headers

accept-ranges
bytes
content-length
0
date
Mon, 04 Apr 2022 22:34:01 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e13032f3-b54a-4bfc-9747-64898995a261-tuct944f7d9&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6955-MXP
x-timer
S1649111642.956278,VS0,VE26
x-vcl-time-ms
26
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C6D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=oSlfXwLJRgSTZkUAI1j3Zw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=46588
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Tue, 05 Apr 2022 11:30:29 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3797624b-7259-4900-8fa6-ad428780ffac
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3797624b-7259-4900-8fa6-ad428780ffac
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
204.237.133.121 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
MT3 4320 2f2dfe5 master zrh-pixel-x2 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=3797624b-7259-4900-8fa6-ad428780ffac
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Apr 2022 22:34:01 GMT
/
spl.zeotap.com/ Frame C6D1
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=A1295F5F-02C9-4604-9366-45002358F767
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=9c9ca445f1781765/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=fb9d6148be821578bfae6bf32c420898&gdpr=1
  • https://spl.zeotap.com/?zdid=1332&zcluid=9c9ca445f1781765
95 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=9c9ca445f1781765
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6f6d82531be601fc-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=9c9ca445f1781765
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTEyOTVGNUYtMDJDOS00NjA0LTkzNjYtNDUwMDIzNThGNzY3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 20:45:50 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug004:0:427
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP6bgdj8lpnAkCt_8k4RpVg&google_cver=1
42 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP6bgdj8lpnAkCt_8k4RpVg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 20:47:18 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug013:0:371
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEP6bgdj8lpnAkCt_8k4RpVg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C6D1 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 03 Apr 2022 22:34:02 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2850510323904849933
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2850510323904849933
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:410
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2850510323904849933
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b8eb005d-f98a-429e-9a28-2eca98b7a02c
42 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b8eb005d-f98a-429e-9a28-2eca98b7a02c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:449
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b8eb005d-f98a-429e-9a28-2eca98b7a02c
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4561750498577447606&gdpr=0&gdpr_consent=
42 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4561750498577447606&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 20:45:54 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug006:0:743
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:01 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6aeb9654-79d8-4d3a-b6a1-18eb3f526876
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4561750498577447606&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mRltB5gZbFyCTj9VnE50VZ0fa1OCHmtWmkjjryib
42 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mRltB5gZbFyCTj9VnE50VZ0fa1OCHmtWmkjjryib
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 20:46:09 GMT
cache-control
no-store, no-cache, private
x-lat
sfopug009:0:288
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=mRltB5gZbFyCTj9VnE50VZ0fa1OCHmtWmkjjryib
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
A1295F5F-02C9-4604-9366-45002358F767
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C6D1 		43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A1295F5F-02C9-4604-9366-45002358F767?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8032:ea84:336c:262b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A1295F5F-02C9-4604-9366-45002358F767&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jn0INtBE2uVUwxHpclgMY8CrDXhRBq0-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jn0INtBE2uVUwxHpclgMY8CrDXhRBq0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
204.237.133.121 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-jn0INtBE2uVUwxHpclgMY8CrDXhRBq0-~A&gdpr=0&gdpr_consent=
date
Mon, 04 Apr 2022 22:34:01 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5ed663ea-5abe-48df-880d-c778755a7e6a&expires=1&user_group=5&ssp=pubmatic&bsw_param=8fa858c4-3ead-4827-bd8e-a20205159fb9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=&gdpr_consent=&gdpr_pd=
1 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:455
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8fa858c4-3ead-4827-bd8e-a20205159fb9&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 04 Apr 2022 22:34:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:10650246-0073-4cdf-9532-df8e0198ae1c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:10650246-0073-4cdf-9532-df8e0198ae1c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:494
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:10650246-0073-4cdf-9532-df8e0198ae1c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame C6D1 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A1295F5F-02C9-4604-9366-45002358F767&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:02 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3527854499195768663&gdpr=0&gdpr_consent=&us_privacy=
1 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3527854499195768663&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
cache-control
no-store, no-cache, private
x-lat
amspug010:0:540
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3527854499195768663&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C6D1
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4561750498577447606
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4561750498577447606
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:00 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:335
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1e2a3d31-d2b6-41d7-bd57-d545ed741940
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4561750498577447606
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C6D1 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:01 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
khaos.jpg
token.rubiconproject.com/ Frame 546C 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame F547 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
cmp
spl.zeotap.com/ Frame 3401 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=438f8644-d869-422d-69ee-936ab5554f2d&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=438f8644-d869-422d-69ee-936ab5554f2d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
6f6d82527b2c01fc-ZRH
date
Mon, 04 Apr 2022 22:34:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 546C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame F547 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Content-Type
image/gif
cc.js
tags.crwdcntrl.net/c/15238/ Frame 9FA3 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 14:00:33 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
57640
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
-c2Baj19QY_3VT-nMNBmC6-JtKtCLVtSJFTbVOsi5J_P8CsmwvuJMg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 305B 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Mon, 04 Apr 2022 22:34:01 GMT
etag
W/"601b131c-27c"
expires
Sat, 03 Apr 2027 22:34:01 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
f80a0650-9f32-4810-a791-ad2eb56e62d3
ex.ingage.tech/v1/sync/eplanning/ Frame 73D2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/eplanning/f80a0650-9f32-4810-a791-ad2eb56e62d3?uid=AG3ygzsXQd8IMMaA
Requested by
Host: sync.e-planning.net
URL: https://sync.e-planning.net/uspd/1/2b9d395f79fd97a5?ruidm=1&du=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Feplanning%2Ff80a0650-9f32-4810-a791-ad2eb56e62d3%3Fuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:efc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
6f6d8253ecd60208-ZRH
date
Mon, 04 Apr 2022 22:34:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
GS.d
js.cookieless-data.com/ Frame 305B 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fsync.e-planning.net%2F&s=&rand=1649111641576
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/ 		194 KB
195 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
0e9988f428e27ca356fb935ee647c9010c5aafac1b0bddd6fa9757270b8e5e04

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=885104-1084007

Response headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Cache-Tag
324835619679708949136499145517287357224,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 885104-1084007/1467716
Connection
keep-alive
Content-Length
198904
X-Served-By
cache-iad-kjyo7100114-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:26 GMT
Server
cloudinary
X-Timer
S1649108674.014251,VS0,VE81
ETag
"1955ffb25d705ebaf038446064a55d7b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554545
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
ptrack
a.audrte.com/ Frame 9FA3 		368 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=193.27.14.44&p=M1353665098&artime=2022-04-04T22:34:01.742Z&arlocation=c3luYy5lLXBsYW5uaW5nLm5ldC91c3BkLzEvMmI5ZDM5NWY3OWZkOTdhNT9ydWlkbT0xJmR1PWh0dHBzJTNBJTJGJTJGZXguaW5nYWdlLnRlY2glMkZ2MSUyRnN5bmMlMkZlcGxhbm5pbmclMkZmODBhMDY1MC05ZjMyLTQ4MTAtYTc5MS1hZDJlYjU2ZTYyZDMlM0Z1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=dGhldHJ1ZWRlZmVuZGVyLmNvbS8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ebcc4bc4a44b563fe22be877da599d09f4901392b2359ec506b9ca3818a6d313

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://sync.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
pixel
ps.eyeota.net/ Frame 9FA3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=i8iUHl2WaFrQEaNZwn15KSX5g&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 9FA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=i8iUHl2WaFrQEaNZwn15KSX5g&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=i8iUHl2WaFrQEaNZwn15KSX5g&gdpr=0&gdpr_consent=&google_gid=CAESEKOMSxdoBTQJwhu3v-_izEw&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame 9FA3
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4878786587521698097
  • https://ps.eyeota.net/match?bid=kh51m51&uid=i8iUHl2WaFrQEaNZwn15KSX5g&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=i8iUHl2WaFrQEaNZwn15KSX5g&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Mon, 04 Apr 2022 22:34:02 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=i8iUHl2WaFrQEaNZwn15KSX5g&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
async_usersync
ib.adnxs.com/ Frame 292D 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Apr 2022 22:34:02 GMT
X-Proxy-Origin
193.27.14.44; 193.27.14.44; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c5ee36f3-bc1d-4eb3-9b4b-feb206934377
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=89358&t=1649111638&cip=193.27.14.44&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1649111638245-943256073884-007731-002-005079&cha=0.7&stagid=&stplid=&d35=&d36=6.2.13&cb=74451309230&cd1=4.140.1&cd4=b680fb33-af8e-4157-b5e7-599c87bdb8df&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.223.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-223-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Apr 2022 22:34:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame C6D1 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=95054&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame F1A5 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57351373&p=158901&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
80ce0978d5b7d3d3f109957556f3cc8d8b8a6dc5e139b91c2141b25c5c449210

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2014
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 023F
Redirect Chain
  • https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=e1dc98df-a0a4-40e0-b408-39c25eff58bc
42 B
192 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=e1dc98df-a0a4-40e0-b408-39c25eff58bc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Apr 2022 22:34:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug012:0:313

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Apr 2022 22:34:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=e1dc98df-a0a4-40e0-b408-39c25eff58bc
141
match.deepintent.com/usersync/ Frame EE10 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-length
0
date
Mon, 04 Apr 2022 22:34:04 GMT
server
c
usersync
match.bnmla.com/ Frame 623B 		0
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 04 Apr 2022 22:34:04 GMT
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame B5EE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RMGDpqcX1NBvgU5&gdpr=0&gdpr_consent=
42 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RMGDpqcX1NBvgU5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Apr 2022 22:34:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug006:0:355

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Apr 2022 22:34:04 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:RMGDpqcX1NBvgU5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-022b0454a7aa0bd60@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame E591
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2EF48AF89C9F4EFB80BC582F12D1AA59
1 B
146 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2EF48AF89C9F4EFB80BC582F12D1AA59
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158901
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 04 Apr 2022 15:33:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
amspug0024:0:354

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Mon, 04 Apr 2022 22:34:04 GMT
expires
Sun, 03 Apr 2022 22:34:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2EF48AF89C9F4EFB80BC582F12D1AA59
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Artemis
aud.pubmatic.com/AdServer/ Frame F1A5
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A1295F5F-02C9-4604-9366-45002358F767&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=A1295F5F-02C9-4604-9366-45002358F767&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A1295F5F-02C9-4604-9366-45002358F767&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A1295F5F-02C9-4604-9366-45002358F767&addseg=19,36,42
Protocol
H2
Server
185.64.190.87 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

date
Mon, 04 Apr 2022 22:34:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=A1295F5F-02C9-4604-9366-45002358F767&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame F1A5
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=A1295F5F-02C9-4604-9366-45002358F767&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A1295F5F-02C9-4604-9366-45002358F767&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=A1295F5F-02C9-4604-9366-45002358F767&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
frontend-id
4
location
/pubmatic/1/info2?sType=sync&sExtCookieId=A1295F5F-02C9-4604-9366-45002358F767&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F1A5 		95 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=A1295F5F-02C9-4604-9366-45002358F767
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6f6d8261aa2101fc-ZRH
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame F1A5
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A1295F5F-02C9-4604-9366-45002358F767
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
3.228.116.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-116-73.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:34:04 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 04 Apr 2022 22:34:04 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
d1ba4609
rtb.gumgum.com/getuid/ Frame F1A5 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.167.98 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame F1A5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=555975eb-b467-11ec-8565-0101009ce73f&gdpr=0&gdpr_consent=
1 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=555975eb-b467-11ec-8565-0101009ce73f&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:34:25 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0027:0:451
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=555975eb-b467-11ec-8565-0101009ce73f&gdpr=0&gdpr_consent=
Date
Mon, 04 Apr 2022 22:34:04 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
555975ec-b467-11ec-8565-0101009ce73f
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=89358&t=1649111638&cip=193.27.14.44&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1649111638245-943256073884-007731-002-005079&cha=0.7&stagid=&stplid=&d35=&d36=6.2.13&cb=74451309230&cd1=4.140.1&cd4=b680fb33-af8e-4157-b5e7-599c87bdb8df&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6194c0f876cae755cd2701fa&e=request&cb=1649111643770&asid=5fbe5add3443ef680f0480d7%2C604e0c8861e0794a7a3b232a%2C5fbe5d4370a94c4b696b7ccc%2C604e0bb1f199b154cc115338%2C60ebfe86a4a7792110515aa4%2C60ebfe94ebe867570438e997%2C5e1b272e28a06142643c20cd%2C61129c5f0e70e663bd7c5b71%2C60c60c3b1731ed2b383f0908%2C5f8c4fcaf3eefc7b4d24fc09%2C5fa2711a54dbb238c9289f7d%2C5fbe1a1fd09dbe29472667bb%2C5ee3d57071193a26344a4076%2C59f5f23628a0612040036b8f&ofpr=%2C2%2C2.8%2C2%2C%2C%2C2.25%2C%2C%2C%2C2%2C4%2C%2C3&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.223.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-223-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast2
tag.targeting.unrulymedia.com/rmp/216513/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/216513/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&w=410&h=231&cbb=9111643768
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/236691/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/236691/0/vast2?adtype=video&compMode=and&dim=101&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&w=410&h=231&cbb=9111643769
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
vast2
tag.targeting.unrulymedia.com/rmp/234705/0/ 		168 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.targeting.unrulymedia.com/rmp/234705/0/vast2?adtype=video&compMode=and&dim=101&vastfw=vpaid&z=1r&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&w=410&h=231&cbb=9111643769
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
server
Tengine
content-type
application/xml
access-control-allow-origin
https://thetruedefender.com
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
168
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:34:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/203144/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203144/0/mvo?z=1r&hbv=6.15,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:34:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.37.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-37-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
025fb1d74b3f7cdeba6f4e8820c8983f15ff10e17e2d902e153ee338b5400d90

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
content-encoding
gzip
x-prebid
pbs-java/1.85.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.37.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-37-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb368d75697693a54b8b1c08d99819cb17875248d18d582d0a4598ffd7bfaf69

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
content-encoding
gzip
x-prebid
pbs-java/1.85.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
mvo
tag.1rx.io/rmp/216551/0/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216551/0/mvo?z=1r&hbv=6.15,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.37.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-37-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
25b28f56eb83b2d202a51f58676e668a72044030f51eb691bd652b41c34299ff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
content-encoding
gzip
x-prebid
pbs-java/1.85.0
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=thetruedefender.com&rs=thetruedefender.com&sid=89358&t=1649111638&cip=193.27.14.44&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=679&he=383&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1649111638245-943256073884-007731-002-005079&cha=0.7&stagid=&stplid=&d35=&d36=6.2.13&cb=74451309230&cd1=4.140.1&cd4=b680fb33-af8e-4157-b5e7-599c87bdb8df&cd5=default&d9=1000&d37=realtime&AV_WIDTH=410&AV_HEIGHT=231&nid=56ea678d181f46c76f8b45fb&ncid=6194c0f876cae755cd2701fa&e=bid&cb=1649111643829&asid=60ebfe86a4a7792110515aa4%2C60ebfe94ebe867570438e997%2C5f8c4fcaf3eefc7b4d24fc09%2C5ee3d57071193a26344a4076&ofpr=%2C%2C%2C&fpo=%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.223.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-223-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge3.509.0_en.html
imasdk.googleapis.com/js/core/ Frame D1A0 		632 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
244425
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209648
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 02:40:19 GMT
expires
Sun, 02 Apr 2023 02:40:19 GMT
last-modified
Sat, 02 Apr 2022 02:33:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C41E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thetruedefender.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Apr 2022 22:34:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.509.0_en.html
imasdk.googleapis.com/js/core/ Frame 58A1 		632 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
244425
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209648
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 02:40:19 GMT
expires
Sun, 02 Apr 2023 02:40:19 GMT
last-modified
Sat, 02 Apr 2022 02:33:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.509.0_en.html
imasdk.googleapis.com/js/core/ Frame 36FA 		632 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
244425
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209648
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 02:40:19 GMT
expires
Sun, 02 Apr 2023 02:40:19 GMT
last-modified
Sat, 02 Apr 2022 02:33:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.509.0_en.html
imasdk.googleapis.com/js/core/ Frame C6C7 		632 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
244425
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209648
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Apr 2022 02:40:19 GMT
expires
Sun, 02 Apr 2023 02:40:19 GMT
last-modified
Sat, 02 Apr 2022 02:33:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E3AD 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Apr 2022 22:52:12 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AEF4 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Apr 2022 22:52:12 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 30EC 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Apr 2022 22:52:12 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D56C 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 21:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Apr 2022 22:52:12 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D1A0 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_450&description_url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4266258146068106&sdkv=h.3.509.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=870912817&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.509.0&sid=7111778E-CB36-4027-9C34-B5467C9DC30E&nel=0&eid=44726389%2C44758348%2C44761692&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&dt=1649111644553&cookie_enabled=1&scor=3100839761288903&ged=ve4_td8_tt6_pd8_la8000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts6_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9B18 		289 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5018104&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D16c709670005682a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
41d4336e64b3cb39314befe13ba0192edd55cc2e05f76d731f1b9dd2a3f9f8ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
289
content-type
text/html; charset=UTF-8
ads
pubads.g.doubleclick.net/gampad/ Frame 58A1 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1093283704999172&sdkv=h.3.509.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3422057204&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.509.0&sid=7111778E-CB36-4027-9C34-B5467C9DC30E&nel=0&eid=44726389%2C44758348%2C44761692&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&dt=1649111644570&cookie_enabled=1&scor=125742357512180&ged=ve4_td8_tt6_pd8_la8000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=238291225/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/ Frame 560C 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=238291225/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
afb5e4dca79ff517355b0b56979b43e4fc6461ccdafb1e46fa3b2f5a2a587a57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
1180
content-type
text/html;charset=utf-8
date
Mon, 04 Apr 2022 22:34:05 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.15.192
ads
pubads.g.doubleclick.net/gampad/ Frame 36FA 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3074662218715195&sdkv=h.3.509.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2771103655&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.509.0&sid=7111778E-CB36-4027-9C34-B5467C9DC30E&nel=0&eid=44726389%2C44758348%2C44761692&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&dt=1649111644584&cookie_enabled=1&scor=3744220674928840&ged=ve4_td8_tt6_pd8_la8000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C6C7 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1234840083440752&sdkv=h.3.509.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3669612853&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.509.0&sid=7111778E-CB36-4027-9C34-B5467C9DC30E&nel=0&eid=44726389%2C44758348%2C44761692&url=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&dt=1649111644592&cookie_enabled=1&scor=537507045502369&ged=ve4_td8_tt6_pd8_la8000_er954.1175.1106.1475_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.509.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 560C 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=fb9d6148be821578bfae6bf32c420898
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=238291225/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.247.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-247-247.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:05 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1649111645
x-served-by
beacon-n013-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
gdpr=1
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3527854499195768663/ Frame 560C
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/fb9d6148be821578bfae6bf32c420898/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=1
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3527854499195768663/gdpr=1
49 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3527854499195768663/gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=238291225/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Protocol
H2
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
expires
0
cache-control
no-cache
x-server
10.45.18.128
content-type
image/gif
content-length
49
x-consent
absent

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3527854499195768663/gdpr=1
pragma
no-cache
date
Mon, 04 Apr 2022 22:34:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 560C 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZmI5ZDYxNDhiZTgyMTU3OGJmYWU2YmYzMmM0MjA4OTg&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=238291225/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
image.sbxx
global.ib-ibi.com/ Frame 560C 		0
0
tpid=dd6f97d6-002e-46f5-ba40-ab50e5822bd9
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 560C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=fb9d6148be821578bfae6bf32c420898&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=dd6f97d6-002e-46f5-ba40-ab50e5822bd9
49 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=dd6f97d6-002e-46f5-ba40-ab50e5822bd9
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=238291225/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Protocol
H2
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
expires
0
cache-control
no-cache
x-server
10.45.18.60
content-type
image/gif
content-length
49
x-consent
absent

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=dd6f97d6-002e-46f5-ba40-ab50e5822bd9
date
Mon, 04 Apr 2022 22:34:05 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
5907
tags.bluekai.com/site/ Frame 560C 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=56468597a14e9cdff3bd0d3219047440
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=238291225/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23sync.e-planning.net%20%3A%20Referral%20Site%20%3A%20thetruedefender.com/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:34:05 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
um
u-ams02.e-planning.net/ Frame AF5F 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=16c709670005682a&uid=A1295F5F-02C9-4604-9366-45002358F767
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D16c709670005682a%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Apr 2022 22:34:05 GMT
server
openresty
ids
idsync.frontend.weborama.fr/ Frame 9B18
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A1295F5F-02C9-4604-9366-45002358F767
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A1295F5F-02C9-4604-9366-45002358F767
Protocol
H3
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:05 GMT
via
1.1 google
last-modified
Mon, 04 Apr 2022 22:34:05 GMT
server
nginx/1.18.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A1295F5F-02C9-4604-9366-45002358F767
date
Mon, 04 Apr 2022 22:34:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
qmap
sync.crwdcntrl.net/ Frame 9B18 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A1295F5F-02C9-4604-9366-45002358F767&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 22:34:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.187
content-type
image/gif
content-length
49
expires
0
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/423b852b-1cd6-42bd-81f0-833a4582bb9d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.78.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-78-200.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 04 Apr 2022 22:34:05 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
track
atrack.avplayer.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1649111645114&cid=6194c0f876cae755cd2701fa&VERSION=4.140.1&AV_PAGE_LOAD_UID=b680fb33-af8e-4157-b5e7-599c87bdb8df&AV_CDIM4=b680fb33-af8e-4157-b5e7-599c87bdb8df&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=default&AV_CDIM5=default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.223.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-223-127.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
c.mgid.com/vs/ 		43 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/vs/?tid=601&iid=1229463&e=load&o=%7B%22timeOffset%22%3A0%2C%22adPlayer%22%3Anull%2C%22uuid%22%3A%2250b7a9cc-b467-11ec-82a0-e43d1a2a04aa%22%2C%22subId%22%3A0%2C%22sticky%22%3A0%2C%22viewable%22%3A0%2C%22tt%22%3A%22Direct%22%7D&t=0&c=10608&h=iqGdYZxjM4NKi_E0HBnk8m_MHmXami5An1IhDh5LtfwGXIZW8C60B5tFCvTbsrSj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 22:34:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f6d826a3f5f693a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
mgPlayer_v2_sprite.svg
video-native.mgid.com/mgPlayer/img/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video-native.mgid.com/mgPlayer/img/mgPlayer_v2_sprite.svg
Requested by
Host: video-native.mgid.com
URL: https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e59c0f735471d90ea02234c6d94ee8fb9033ddd50f3f6b50ecf238dba336b842

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://video-native.mgid.com/mgPlayer/css/1.11/performance.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Mon, 04 Apr 2022 22:34:05 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 14:37:30 GMT
server
nginx
etag
"c1c-5c6897a74212b-gzip"
vary
Accept-Encoding
x-cached-since
2022-02-02T12:01:14+00:00
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=290304000, public
cache
HIT
accept-ranges
bytes
content-length
1154
expires
Thu, 02 Feb 2023 12:01:14 GMT
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/so_4/v1490095101/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
5897f0e4f0de03a50a32f596ca98c3c9bfb2ee257ef007db3124546b05a1cdff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 22:34:05 GMT
Cache-Tag
324835619679708949136499145517287357224,500985839247587350039760902055362878337,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
24819
X-Served-By
cache-iad-kiad7000053-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:28 GMT
Server
cloudinary
X-Timer
S1649108673.872021,VS0,VE1
ETag
"54f18f2fe8d4a8bc8c9dcbe15764cc4c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554603
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/ 		113 KB
114 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1649108659/landscapeae8b4d30-b458-4b4a-886f-79299b48dc17_1649108575106.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.227 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-227.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
da9caffab89bae2574218d0f5e407391ffc56d83c4d5fc07833ae6b18b697215

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=1084008-1200003

Response headers

Date
Mon, 04 Apr 2022 22:34:06 GMT
Cache-Tag
324835619679708949136499145517287357224,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1084008-1200003/1467716
Connection
keep-alive
Content-Length
115996
X-Served-By
cache-iad-kjyo7100114-IAD
Last-Modified
Mon, 04 Apr 2022 21:44:26 GMT
Server
cloudinary
X-Timer
S1649108674.014251,VS0,VE81
ETag
"1955ffb25d705ebaf038446064a55d7b"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31554541
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
SPug
simage4.pubmatic.com/AdServer/ Frame F1A5 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
dashboard.insticator.com
URL
https://dashboard.insticator.com/embeds/backfillad?dimension=300x250&siteURL=thetruedefender.com
Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=fb9d6148be821578bfae6bf32c420898
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158901&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| tieSkin object| html string| htmlSkin undefined| tieSkinInverted string| em_version boolean| em_track_user string| em_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| ExactMetricsDualTracker function| gtag function| __gaTracker object| _wpemojiSettings object| twemoji object| wp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| exactmetrics_frontend object| gaplugins object| gaGlobal object| gaData function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| FullworksAntiSpamFELO object| Insticator object| header boolean| mnIsDark boolean| tnIsDark object| ldAdInit boolean| jQueryScriptOutputted function| initJQuery object| _peq object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| JetpackInstantSearchOptions object| webpackChunkwebpack object| wpcom object| _tkq object| _stq object| _ldStickyConfig object| InsticatorXmess function| lightboxjs function| lightboxlib object| jetpackLazyImagesL10n object| tie function| tieFlexMenu function| tieLazyLoad function| tieTabs function| tie_animate_element function| tie_animate_reviews object| $doc object| $window object| $html object| $body object| $themeHeader object| $mainNav object| $container boolean| is_RTL number| intialWidth boolean| isDuringAjax boolean| scrollBarWidth boolean| mobileMenu object| emergence object| browserPrefixes boolean| is_boxed_layout boolean| megaMenuAjax object| Modernizr function| TieSticky object| $the_post object| $postContent object| addComment function| loadCSS string| c object| _peSd object| _peD object| _peE object| _pe object| jeengConfig object| core function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| jeeng function| st_go function| linktracker_init object| _ldAdIdMap object| php_js number| distance number| time object| animationAction object| $jscomp function| $jscomp$lookupPolyfilledValue object| InsticatorApp string| insticatorHeaderCodeVersion object| googletag object| instBid object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj boolean| insticatorIframeLoaded object| confiant object| _mgIntExchangeNews object| MarketGidInfC1229983 function| MarketGidCContextBlock1229983 function| MarketGidCMainBlock1229983 function| MarketGidCInternalExchangeBlock1229983 function| MarketGidCRejectBlock1229983 function| MarketGidCInternalExchangeLoggerBlock1229983 function| MarketGidCObserverBlock1229983 function| MarketGidCSendDimensionsBlock1229983 function| MarketGidCRtbBlock1229983 function| MarketGidCIframeSizeChangerBlock1229983 function| MarketGidCContentPreviewBlock1229983 function| MarketGidCResponsiveBlock1229983 boolean| mg_loaded_674711_1229983 boolean| _ldStickyRendered object| MarketGidInfC1229464 function| MarketGidCContextBlock1229464 function| MarketGidCMainBlock1229464 function| MarketGidCInternalExchangeBlock1229464 function| MarketGidCRejectBlock1229464 function| MarketGidCInternalExchangeLoggerBlock1229464 function| MarketGidCObserverBlock1229464 function| MarketGidCSendDimensionsBlock1229464 function| MarketGidCRtbBlock1229464 function| MarketGidCIframeSizeChangerBlock1229464 function| MarketGidCContentPreviewBlock1229464 function| MarketGidCResponsiveBlock1229464 boolean| mg_loaded_674711_1229464 object| _mgq object| MarketGidInfC1229463 function| MarketGidCContextBlock1229463 function| MarketGidCMainBlock1229463 function| MarketGidCInternalExchangeBlock1229463 function| MarketGidCRejectBlock1229463 function| MarketGidCInternalExchangeLoggerBlock1229463 function| MarketGidCObserverBlock1229463 function| MarketGidCSendDimensionsBlock1229463 function| MarketGidCRtbBlock1229463 function| MarketGidCDiscountBlock1229463 function| MarketGidCIframeSizeChangerBlock1229463 function| MarketGidCContentPreviewBlock1229463 boolean| mg_loaded_674711_1229463 function| _mgLib1_11_89 function| _mgwqp boolean| isCommentingRequested function| instBidChunk object| _pbjsGlobals object| DIGIOH_API object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV undefined| jQuery17106533203934874858_1649111635288 object| InsticatorCommenting object| $SO function| owpbjsChunk object| owpbjs object| PWT string| partnerName string| key object| __connect object| jQuery17106533203934874858 object| onClickExcludes function| mgReject1229983 function| mgLoadAds1229983_0505f function| MarketGidCReject1229983 function| MarketGidLoadGoods1229983_0505f function| mgReject1229464 function| mgLoadAds1229464_177e8 function| MarketGidCReject1229464 function| MarketGidLoadGoods1229464_177e8 function| mgReject1229463 function| mgLoadAds1229463_0cb38 function| MarketGidCReject1229463 function| MarketGidLoadGoods1229463_0cb38 function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint674711 string| _mgPvid boolean| _mgPageView674711 boolean| i.js.loaded boolean| i-noref.js.loaded object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| __EXCO string| pbPageIdentifier function| Hls object| ats function| av_sciv_hndlr1649111637285 object| storageAni object| ggeac object| google_js_reporting_queue number| google_global_correlator undefined| google_measure_js_timing object| closure_lm_363090

121 Cookies

Domain/Path Name / Value
thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual Name: exco-uid
Value: 591rde8100nps6lq
thetruedefender.com/ Name: PHPSESSID
Value: 24b7d647de02f360e384aff4e4f3ca6d
.thetruedefender.com/ Name: _ga
Value: GA1.2.887997127.1649111635
.thetruedefender.com/ Name: _gid
Value: GA1.2.353712049.1649111635
.thetruedefender.com/ Name: _gat_gtag_UA_186892928_1
Value: 1
.mgid.com/ Name: __cf_bm
Value: TEgbQ.vUlAXJTqtkyRgK._6bQ7nCp1LHVpml6FWf5Bo-1649111635-0-AakjHZ1p7W44NsG54Qnymjz4M1P7OoRE9kFeUCDH4c1zXH0BsE5kFI0bZmk1AyL54JlAXcJvUbvaNgbOlDfYeCY=
.thetruedefender.com/ Name: InstiSession
Value: eyJpZCI6IjdiZGQyNDYzLTg5NDMtNDAzMS05Y2E0LWUyYjQ1NDVkZGI3MSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
thetruedefender.com/ Name: plsVisitorGeo
Value: DE
thetruedefender.com/ Name: plsVisitorCity
Value: Hessen
thetruedefender.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
thetruedefender.com/ Name: hb_insticator_uid
Value: f80a0650-9f32-4810-a791-ad2eb56e62d3
thetruedefender.com/ Name: ucf_uid
Value: a6d1eea6-c987-4a3f-ad57-d462b8d19818
ads.us.e-planning.net/ Name: CT
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s56128|YktyV
.thetruedefender.com/ Name: tk_ai
Value: j%2Bg%2BkQLiX62csxD38Oty7DPI
.e-planning.net/ Name: E
Value: AG3ygzsXQd8IMMaA
.adnxs.com/ Name: icu
Value: ChgIgdR8EAoYASABKAEw1OStkgY4AUABSAEQ1OStkgYYAA..
.adnxs.com/ Name: uuid2
Value: 4561750498577447606
prebid.a-mo.net/ Name: __amc
Value: 1_1649111636_1649111636
.aralego.com/ Name: sspid
Value: a6d1eea6-c987-4a3f-ad57-d462b8d19818
.thetruedefender.com/ Name: _pubcid
Value: 5c4b491b-f8d3-4cb5-87a2-4d26bbc7cf9c
.thetruedefender.com/ Name: _gat_Insticator_Embed_v4
Value: 1
thetruedefender.com/ Name: cto_bidid
Value: PMRgWF9IWEZDWFl2cUpKQVpxTFhiUFJMMmZsNG0lMkZuZ01nbSUyRkFyMVVxNU52Zlh6aEdlTDVZVXNEQU5IUnV1JTJGTjB3VUowUjdOdXBPalBpdVNNMXlxMjNLYTZ1dyUzRCUzRA
thetruedefender.com/ Name: cto_bundle
Value: ui71LF9iRlp1Z1pDQ1pyUm0lMkJaUGlxOExzUm00YmxBa2tmM28wUHFxWTVkWkNEVklOSFR4OUl6bjNJYUtlb0dxNXBlM09Qb2lCcmtBU09hJTJGa09FJTJGZmIzVXVyMGJLYTJsdmxzeWVnYUNIcGxVcmh4c2hRWFcxMmhuJTJGZ21JQlFKRllNTXRR
thetruedefender.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1229983%22%3A%7B%22page%22%3A1%2C%22time%22%3A1649111636447%7D%2C%22C1229464%22%3A%7B%22page%22%3A1%2C%22time%22%3A1649111636440%7D%2C%22C1229463%22%3A%7B%22page%22%3A1%2C%22time%22%3A1649111636545%7D%7D
thetruedefender.com/ Name: _lr_geo_location
Value: DE
.aniview.com/ Name: aniC
Value: 1649111638245-943256073884-007731-002-005079
thetruedefender.com/ Name: _lr_retry_request
Value: true
thetruedefender.com/ Name: _lr_env_src_ats
Value: false
.casalemedia.com/ Name: CMID
Value: YktyVpZBRnjg0Bbiom4IrAAA
.casalemedia.com/ Name: CMPS
Value: 3238
.adsrvr.org/ Name: TDID
Value: b8eb005d-f98a-429e-9a28-2eca98b7a02c
thetruedefender.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22b8eb005d-f98a-429e-9a28-2eca98b7a02c%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-04-04T22%3A33%3A58%22%7D
.thetruedefender.com/ Name: panoramaId_expiry
Value: 1649198038555
.casalemedia.com/ Name: CMPRO
Value: 1158
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YktyVgASWkuzKABH
.doubleclick.net/ Name: IDE
Value: AHWqTUnA9SU9qyYsX_3_S_5k3uouwUlvAbrLusqPb1CfkG1O6LStUsOhQTYJ2QlOl5M
.aniview.com/ Name: 2_C_42
Value: YktyVpZBRnjg0Bbiom4IrAAA&1158
sync.aniview.com/ Name: 2_C_42
Value: YktyVpZBRnjg0Bbiom4IrAAA&1158
.bidr.io/ Name: bito
Value: AACDRE7EluUAADWf2PZMsQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.owneriq.net/ Name: si
Value: Q7023980391279563944
.owneriq.net/ Name: p2
Value: cc
live.instiengage.com/ Name: route
Value: 51e07c8bbacfa25d5f2b01157d482196|bc2e8509d1108493c0fbabaa9aff431f
.bidswitch.net/ Name: tuuid
Value: 8fa858c4-3ead-4827-bd8e-a20205159fb9
.bidswitch.net/ Name: c
Value: 1649111641
.bidswitch.net/ Name: tuuid_lu
Value: 1649111641
.zeotap.com/ Name: zc
Value: f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2
.a-mo.net/ Name: amuid2
Value: eefe903e-f547-4e12-b160-93eb795c363e
ex.ingage.tech/ Name: instUid
Value: f80a0650-9f32-4810-a791-ad2eb56e62d3
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A1295F5F-02C9-4604-9366-45002358F767
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 95054:2
.pubmatic.com/ Name: DPSync3
Value: 1650240000%3A201_197_219%7C1649116800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1650240000%3A13_71_176_165_21_56_233_204_222_8_81_234_3_238_161_7_54_22_166_55_88_220_243_99%7C1649635200%3A223_15_2%7C1650326400%3A35%7C1651622400%3A203%7C1649894400%3A63
.tapad.com/ Name: TapAd_TS
Value: 1649111641838
.tapad.com/ Name: TapAd_DID
Value: dd6f97d6-002e-46f5-ba40-ab50e5822bd9
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.adfarm1.adition.com/ Name: UserID1
Value: 7082880565563226266
.yahoo.com/ Name: A3
Value: d=AQABBFlyS2ICEFh7lHhwSxaVKS-rVHUnZxEFEgEBAQHDTGJVYgAAAAAA_eMAAA&S=AQAAAmqQVCZEeEEBvy3QngO2hzA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.turn.com/ Name: uid
Value: 3527854499195768663
.admanmedia.com/ Name: admtr
Value: 44d17cb904af046e2d709ec8e7a82e43925731c8
.weborama.fr/ Name: AFFICHE_W
Value: bH6Re6f2GJps48
.adform.net/ Name: C
Value: 1
.admixer.net/ Name: am-uid
Value: ae4b42bd391840af856b4b83e5d5e34b
.analytics.yahoo.com/ Name: IDSYNC
Value: "197u~245a:18z8~245a"
.adform.net/ Name: uid
Value: 4878786587521698097
.theadex.com/ Name: axd
Value: 4290469112214721814
.theadex.com/ Name: tis_LgL
Value: LgLeAvYw
.demdex.net/ Name: demdex
Value: 90028394726646917450871788997285788326
.quantserve.com/ Name: d
Value: EIwBCwHpJfijAA
.quantserve.com/ Name: mc
Value: 624b7259-ef03e-02426-5235c
.richaudience.com/ Name: avcid-zeo-uid
Value: f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2
ads.playground.xyz/ Name: connect.sid
Value: s%3AVbNnrA1-vZ-AmStWK2LWjXSxVdyM9CNd.IivTaWoZoshiYisiDUGSXv%2BAVTBQLkobwpxC39Mv4ww
.erne.co/ Name: u
Value: L0pbRrn6WoIdFjOqnO0wYl7K
.tidaltv.com/ Name: tidal_ttid
Value: 660265f8-7c2e-45f1-9e66-2f0d66fb8da9
.onaudience.com/ Name: cookie
Value: 9c9ca445f1781765
.onaudience.com/ Name: done_redirects104
Value: 1
.agkn.com/ Name: ab
Value: 0001%3AVBzPs7AXIB0lF988cYl5giNYA2YoiWum
.de17a.com/ Name: guid2
Value: 1.8031219224026110045
.simpli.fi/ Name: suid
Value: 2EF48AF89C9F4EFB80BC582F12D1AA59
.dpm.demdex.net/ Name: dpm
Value: 90028394726646917450871788997285788326
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.casalemedia.com/ Name: CMST
Value: YktyVmJLcloA
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjA3tzK0MAIAaRhrEwkAAAA="
.nrich.ai/ Name: _nauid
Value: 5ed663ea-5abe-48df-880d-c778755a7e6a
.onaudience.com/ Name: done_redirects219
Value: 1
.krxd.net/ Name: _kuid_
Value: OwlO4nLo
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YktyVgASWkuzKABH&KRTB&22978-YktyVgASWkuzKABH&KRTB&23194-YktyVgASWkuzKABH&KRTB&23209-YktyVgASWkuzKABH
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7082880565563226266
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:49d7624b-7259-4600-b959-966676ca4e53&KRTB&16736-uid:49d7624b-7259-4600-b959-966676ca4e53&KRTB&23019-uid:49d7624b-7259-4600-b959-966676ca4e53&KRTB&23208-uid:49d7624b-7259-4600-b959-966676ca4e53
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-2850510323904849933&KRTB&23263-2850510323904849933
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-b8eb005d-f98a-429e-9a28-2eca98b7a02c&KRTB&22918-b8eb005d-f98a-429e-9a28-2eca98b7a02c&KRTB&23031-b8eb005d-f98a-429e-9a28-2eca98b7a02c
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3527854499195768663
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-8fa858c4-3ead-4827-bd8e-a20205159fb9
.zeotap.com/ Name: zsc
Value: %C6y_%C3O%C0n%E8%EE0%BC%D4r%AE%1A%8E%B9%B5%D4%CA%92%BDQ%C2%0EJ%879%C78%B9%A3%02%B0l%15%EBxq%8E%B0%60%10%90%2Axn%AE%B7%21%60Q%91V%A2%12%3F%85%21%F3%AA%60%23%7Bq%897E%E6%F7%16%F1%04%C2%EB%11%C1T%5C%C4v%23F%AD%0Cd%1B%96YM.%40%856%EA%10%0B%10%3D%D3t%8D%1E%CE%1F%C1P%11%B0%AC%8Fc%FE%40U%7B%16A%95_%03p%B5%C9M6%FA%AD%A3%ADj%EF%07%F8%C5U1%11%13g%97%E7%F2%AB%9B%B3%95%D4%B0%A8%04i%8B%28%85%F7%0A%FFr%C4-%9C%CEM%9D%94%0BH
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-upkfSp34RpVekGFYlSdXh8EbDiw
.mathtag.com/ Name: uuid
Value: a531624b-725a-4c00-918c-7e97be19413b
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 8b556133853c6715
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-bd544144-ad0d-4f6c-4cc3-23e9292092fc.l8r8OOMEariPJgWEYz39roIssXOx57LZYt6II%2F2ungw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AvVRBRK0NT2xMwyPpKSCS_MEbDiw.kyH5R%2F5v1Wt2vN%2Fn5BmV%2Bd6CfF5He0b7zmLLYii209I
.casalemedia.com/ Name: CMRUM3
Value: 51624b725905a0&03624b725a276030e7624b-7259-4d00-bf87-79838231cfba&6f624b725905a0&2e624b725905a0&2d624b725605a0&7b624b725a2760vVRBRK0NT2xMwyPpKSCS_MEbDiw&dd624b72592760&41624b725905a0&69624b725605a00&27624b72590b40&c4624b725905a0&49624b725905a0&1f624b725605a00&82624b72572760AACDRE7EluUAADWf2PZMsQ&58624b72572760YktyVgASWkuzKABH&ce624b725905a0&e6624b72562760&f1624b725905a0&04624b725927603527854499195768663&40624b725905a0&98624b725a2760f035df18-8a5b-4be0-ab93-b3510091b5b2
.adsby.bidtheatre.com/ Name: __kuid
Value: 10650246-0073-4cdf-9532-df8e0198ae1c.418325642
.tribalfusion.com/ Name: ANON_ID
Value: aOnseFSyZaRGRT8vnQXf4yWeBFxqHwZdA1AHWrUxNrEX2V79PHJZaxNcjPNI6mDDRBGZcRFN3JWZb3wXTFIuUqJql
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-L0pbRrn6WoIdFjOqnO0wYl7K
.pubmatic.com/ Name: PUBMDCID
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8031219224026110045
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-mRltB5gZbFyCTj9VnE50VZ0fa1OCHmtWmkjjryib&KRTB&19420-mRltB5gZbFyCTj9VnE50VZ0fa1OCHmtWmkjjryib&KRTB&22979-mRltB5gZbFyCTj9VnE50VZ0fa1OCHmtWmkjjryib
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEP6bgdj8lpnAkCt_8k4RpVg&KRTB&16514-CAESEP6bgdj8lpnAkCt_8k4RpVg&KRTB&23025-CAESEP6bgdj8lpnAkCt_8k4RpVg
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4561750498577447606&KRTB&23339-4561750498577447606
.pubmatic.com/ Name: PugT
Value: 1649105154
.audrte.com/ Name: arcki2_ddp
Value: CAESEKOMSxdoBTQJwhu3v-_izEw!20210804!1649111642579
.eyeota.net/ Name: SERVERID
Value: 21975~DM
.pubmatic.com/ Name: SPugT
Value: 1649111642
.audrte.com/ Name: arcki2_adform
Value: 4878786587521698097!20210804!1649111642684
.audrte.com/ Name: arcki2_TTT
Value: 1649111642685!i8iUHl2WaFrQEaNZwn15KSX5g!H4sIAAAAAAAAAB2WyXEEIQxFg+GsKhYBUjggIP8Q5vUcbI+naRBff9FpMa0uk6nHRPfJslZ+sktbru9GHiU5D9vuWbzcI9r1ibccYtpvfm16by3lcWs7K+TU69LeXuK1LNne4vR26iubnY73qlVmuUPUVxVfM0tzjo64du5MZef6uoZUXVv0liN+XxY947USr+/nKefS3qhb8s0sKv2JLc0SI2LW3cbyl9qo442lcrmItLaP7NeezOGceNZpXtOoOqztIS2fJ0qlYt0CCPptPbe4PtM5s04v1GQKTn0YF5td4q4ZPsz7W6neHuZR+XY4YN7OJkaJ5ttOf3e/nsa9BwSmdPMPzG3icaZYa/num0/ekaZZvTPzLZ9YRGFee0hp6u9UunNLalaO1TKlWHQQn9RUhsoBmJl9+vaS9GxdGkP6DBVVbm9e6dK9K16ZZz1LYe2a5yxHX6HwMsCpF+mFm2rk8Oyp9H485pI1JjjpvOz0QmZeufPsvdzSnHe2tbqc5TRYnQbzXGyUU9bwAijpesnwQaFao6bJciv0buWyzubeZp5W4S7PpoBdlRadgy2WWM7eYOeCYmmv5fV5F2AcH30Dquwt9bab68mzZk2wODzofRttidYDC7yaZDjwRrm1mKXcJoiwaPTZpNU1ZfX7JICo20AG0ZK1wm36hE8VPs5bQLxsCpujFF+l1q/wWnN5lPMeLKgD+mbrAqB59LX3yCt1g+DFVHZrJu1YY6ejAvPP2BXatZ2G74icuyilcDtV8bF557ZzjmabcdL8dpj9E1KjJprN7cCpD7qlhibfS8dUL5QCzDZFg7bYpiZWrHne6Pl6uu/4cUf8zhW1A/vKHtzuNdhR99ScYmxbFYgUoSHJysFzu/CyXrX2slpq2kZ/eUhE/S8C8ba5go9q1xcyfuhuBddg/6BjqmPArAsz3xv2aGA7kE4vZO9NVkUjij+I95EF8l5/Y8wSI9UOZz6cG198pIPjJ4MDbbNda2uzpWX33awLhygfmPDFD1pt9OrOsU8dm0W2otYnw3EA3bt+dkiDx8tnqX5KTpOb9ULhJ76d2vf85SV5hLud0NM1jVY0nuGZiy5jXVvsdUcIsAoiTCuR3IALBkmFFZ+JQd9BYQtoLh+Qw00dYt6YLJr5fBCAGFeiS8cp13T2mfLtk06qPJ9AMPVDrDmL+LNLhfk3heYe/CNtAiZNggD1+Od0Fd9b9Oykk+PWPlXKqXhBpnrc98ryiPfOXgoE1TMGQDm9DNQyUDDs/LCN1Tc6tacp17qNj7JnfOJEfK6tyig64Qwxgjjpyo6NGusXBroxTmziSkFGNpv10WbCPPOu7ITlYT1UIkj1o+81eLcu7EqaYdtCjadV6Nmv4k8H2PH1TZ24pCaNNvKrGMYl9BT7ACew7a/hCbP0XBeeyZawmTtziKo9WToKPt7Q7eP3vYlfZBFU3NFpcMMz7TaIvM7gdhk7XemQqqOgO8oswtv4l2LR+9zmeNaDAIn9Ob00OflLuclxO8Mcut7joQuQS1qfDc9FJhfGVf6SwvsbmWEKNpyUoP/FAIrEPzYeCt8ddxxYVYcoXlZAlUb8EM9nkRgt2BMqhQR2STifV+xirIYHQUrS5gH7x6eCWr7EmA43G8y0+LyzQJBFA5tjPWvyziZ65hzXovXkjVScr2E4+gXQ4HaGu9Z9ve5FyN5KAAF471tQLMPD555rKP9arUFINzZIOL9RLQFnDphwn7ZgGAQE186fOnPadstab+Kkyk4ZKu1DTR3bbmfOwqSQHJ9WeEdQb6hS1+e+t0oJh9Uw5OhkUedA4pmfr8Hk4VqL7bJbdZxnY4c31liksHTfZPBFN9YDx3+4xGxlYeckAqKrDDQlz2+gyR8YqAG+9OIbl9ibgWZxOjX7P4P5TNS9T1KbhGTG6NdSp523fIhTJV6wJ7r7JPH2p8y+78nMBTmMfan580QchdGIBr11iZ45SQZL5uT2fk/u+XwcC8QLGNyIXvobDE4NHydCOB2IST5w0gMLPg4e3nxhTE40mAlwMXAxMtQlcGaL+8Cn1QlWCjv5JuXk+8BJ82f29eC+lYNpltVACFh/wlTiVNq6vwZqRpc2i0vBnM9bO4+zgWAWeww8NIOajORbTKmSyznE5RsxR9o5mDT49tgXZRNE97fcuxIfWNF4JS0vAy18mzDYaaUt++EKfhlbrLRQjLXGRMwMPPebSBXH/iYxjss36tR6d1A4k+GfKkxm/gUQ1jSZI8cjHTBB9PLSYgqxgXETMDATNRJAGGvvNK2HtlZ66vFNLnQsgqlJF/HKlHoEj7m0ZCMTJowFH5zn85sJmWMJoAN9M/asTEP7aElEiAJVIJQPAsZKIc4YYIkRxtT3cfUHEL7wt/4LAAA=
.audrte.com/ Name: arcki2
Value: i8iUHl2WaFrQEaNZwn15KSX5g!20210804!1649111642771
.fwmrm.net/ Name: _uid
Value: "o086e_7082880569843688576"
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjEiJaDqKXLOhAFGAEgASgCMgsIoOrlwL6lyzoQBTgBWgdud3VzbHVtYAI.

13 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Message:
The resource https://i0.wp.com/thetruedefender.com/wp-content/uploads/2022/04/Untitled-34.png?resize=613%2C358&ssl=1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae(Line 194)
Message:
A preload for 'https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf(Line 20)
Message:
A preload for 'https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f2daaf28-cf87-4bc6-7afb-3bddac0b1aa2&reqId=e33d3ca6-ced1-4104-72f2-4cad43ec9374&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript warning URL: https://comment.instiengage.com/live/comments/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&extPageId={extPageId}&contentId=635d57c6-8f87-4eba-aa3b-b841f6299732&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=e0d484c0-37fa-479c-85d9-662d0cceb6ae
Message:
The resource https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://comment.instiengage.com/live/community/api/page?pageUrl=https%3A%2F%2Fthetruedefender.com%2Fangelina-jolie-admits-participation-in-satanic-ritual%2F&pageTitle=Angelina%20Jolie%20Admits%20Participation%20In%20Satanic%20Ritual%3F!%20-%20The%20True%20Defender%20!&integrationId=da433b6f-da8b-48a9-a735-7373e57d2199&noAccelerate=true&sessionUUID=d4aecf45-fcc6-477d-88d8-b1d4ef214231&frameUuid=5fb6b2fe-4df8-453e-841e-d492965cddcf
Message:
The resource https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://thetruedefender.com/angelina-jolie-admits-participation-in-satanic-ritual/
Message:
The resource https://i0.wp.com/thetruedefender.com/wp-content/uploads/2022/04/Untitled-34.png?resize=613%2C358&ssl=1 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=fb9d6148be821578bfae6bf32c420898
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
atrack.avplayer.com
ats.rlcdn.com
aud.pubmatic.com
auth.instiengage.com
b2c.insticator.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
biddr.brealtime.com
bn01.er.bemail.it
c.mgid.com
c0.wp.com
c1.adform.net
casale-match.dotomi.com
cdn.aralego.net
cdn.mgid.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
clientcdn.pushengage.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cmp.optad360.io
cms.analytics.yahoo.com
cms.instiengage.com
comment.instiengage.com
confiant-integrations.global.ssl.fastly.net
core.iprom.net
cr.frontend.weborama.fr
cs.admanmedia.com
csync.loopme.me
d.adroll.com
d.turn.com
d2s3kjdp77ms5k.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d5p.de17a.com
dashboard.insticator.com
df80k0z3fi8zg.cloudfront.net
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
docker.creative-serving.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eua.instiengage.com
eus.rubiconproject.com
event.insticator.com
event.instiengage.com
ex.ingage.tech
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.optad360.io
get.s-onetag.com
global.ib-ibi.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hb.aralego.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i.e-planning.net
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
inv-nets.admixer.net
js.cookieless-data.com
jsc.mgid.com
lightboxapi.azurewebsites.net
loadeu.exelator.com
lockerdome.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mcd.ex.co
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.sitescout.com
pixel.tapad.com
pixel.wp.com
player.aniview.com
player.avplayer.com
player.ex.co
pm.w55c.net
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-server.rubiconproject.com
prebid.a-mo.net
premiumsrv.aniview.com
product.instiengage.com
ps.eyeota.net
pubads.g.doubleclick.net
public-api.wordpress.com
pubmatic-match.dotomi.com
px.owneriq.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rumble.com
s-img.mgid.com
s.amazon-adsystem.com
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
servicer.mgid.com
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
sp.rmbl.ws
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.instiengage.com
stats.g.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.aralego.com
sync.crwdcntrl.net
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync.tidaltv.com
tag.1rx.io
tag.targeting.unrulymedia.com
tags.bluekai.com
tags.crwdcntrl.net
telemetries.jeeng.com
thetruedefender.com
token.rubiconproject.com
track1.aniview.com
trc.taboola.com
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
usermatch.krxd.net
users.api.jeeng.com
video-native.mgid.com
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.lightboxcdn.com
x.bidswitch.net
dashboard.insticator.com
global.ib-ibi.com
simage4.pubmatic.com
104.102.28.254
104.109.78.125
104.111.215.191
104.154.142.214
104.17.120.107
104.19.133.78
104.19.135.78
104.36.113.107
104.36.113.24
104.90.179.100
108.138.7.78
108.157.4.11
108.157.4.71
132.226.63.138
141.94.170.77
142.250.186.162
142.250.186.66
146.0.227.109
147.75.38.124
151.1.205.165
151.101.1.194
151.101.1.44
151.101.194.49
151.101.65.108
151.101.66.132
151.139.128.11
157.90.212.181
159.65.197.210
162.210.196.208
162.55.236.225
169.197.150.8
169.50.137.182
169.59.64.184
178.162.133.149
178.162.133.150
178.250.0.163
178.250.2.146
18.185.251.21
18.198.126.47
18.66.139.34
18.66.248.33
18.66.248.79
18.66.248.86
185.15.245.80
185.183.112.155
185.29.132.245
185.64.189.110
185.64.189.112
185.64.190.87
185.86.139.115
192.0.76.3
192.0.77.2
192.0.77.37
192.0.78.23
192.96.200.41
195.5.165.20
198.148.27.140
198.47.127.19
2.18.233.201
2.19.35.65
2.20.85.164
20.40.202.0
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
204.237.133.121
205.234.175.175
212.82.100.182
213.155.156.165
213.19.147.43
213.19.147.44
216.52.2.39
23.36.163.227
23.88.75.186
2600:1f16:e61:3f02:363e:3490:f8eb:b263
2600:9000:223c:6400:6:b871:4f00:93a1
2600:9000:223c:f400:b:6268:b880:93a1
2600:9000:223d:2c00:9:78a:e540:93a1
2600:9000:223e:4e00:1c:f0ba:c200:21
2600:9000:224a:4e00:1c:386f:ec80:21
2600:9000:225e:4600:a:cbb7:a940:93a1
2600:9000:225e:5000:11:a4de:2580:93a1
2600:9000:2315:4400:17:5bae:c7c0:93a1
2600:9000:2315:6800:10:3422:3f00:21
2606:4700:10::6816:1957
2606:4700:10::ac43:264e
2606:4700:10::ac43:a93
2606:4700:10::ac43:efc
2606:4700:20::681a:467
2606:4700:20::681a:842
2606:4700::6810:4fa5
2606:4700::6812:d05
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2004
2a00:1450:4001:811::200a
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9c
2a02:2638::1c
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:c::5c7b:6837
2a02:fa8:8806:20::2010
2a03:90c0:41:2801::254
2a04:4e42::300
2a04:fa87:fffe::c000:4902
2a05:d018:24:b002:eeee:33cd:8e98:b126
2a05:d018:d29:3602:8032:ea84:336c:262b
2a06:98c1:3120::7
3.120.1.163
3.125.247.50
3.126.56.137
3.127.178.105
3.209.156.238
3.216.55.148
3.228.116.73
3.233.223.17
3.33.220.150
34.102.253.54
34.120.133.55
34.120.247.19
34.149.20.76
34.194.30.250
34.79.192.155
34.98.67.61
35.157.226.32
35.201.81.244
35.201.96.126
35.227.248.159
35.227.252.103
37.157.3.30
37.157.6.241
37.187.69.198
37.252.172.37
37.252.173.22
38.27.122.126
5.178.65.246
5.178.65.253
51.158.29.13
51.178.20.139
51.68.39.188
51.89.7.205
51.89.9.252
52.20.240.56
52.206.128.29
52.21.142.155
52.215.247.247
52.3.110.18
52.30.140.199
52.31.55.178
52.46.130.91
52.51.87.182
52.57.37.214
52.58.101.33
52.73.223.127
52.95.115.255
54.171.52.214
54.216.37.155
54.229.167.98
54.87.78.200
66.155.71.150
67.202.105.23
69.173.144.139
69.173.151.100
72.251.241.204
77.243.60.138
85.114.159.93
88.214.206.247
014022dccb266835d8a7aed1c885397cd848b8e1ccdc9f5a268c01c0d5c41152
01c3dd0a51f1693c7e1e71046ac12717a4c00aee994ea691f1c93d2c95709290
025fb1d74b3f7cdeba6f4e8820c8983f15ff10e17e2d902e153ee338b5400d90
028f30bdbf06b77047c332af8464a6d7843dd0afe214b8ebe912482fd84ab460
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02f7a0377f32ef90c7033eefa936a9a57f7549b0bff843d1d5064445def57f15
032748afc697ad6c81591cf5304a1395a1045dff8604fdfeaaa06d8365ea92bf
04b23695c5196ff9c1a5049ce1bddc19645a6403e1f94a68427ea893e460cf90
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
04ecbc9b770010b601da6d00953e93604a0cdf2de710367f6fa8b0cc6edec51d
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
05ecb098b0380cf751745d81f0c9aa3786e56c2f6bb1275a9e05ab894e3c087c
07fb5599beabbcde358a65f89854578c707de793733296d5b22dd35677cf2cb0
08c539ea3ee28d2e211c712cd221d934db1861e66194b78067bf67b80d96c9a9
0979e97fa96897d21508fc15698ed30abd08f8492a37a2aabc55bdb637899f2a
0a8a07129f0d6c3c3ec92530b2fb31362c48bc4b6058f8d784c5df763232a0fd
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe
0d58ed357479de5380fd43f06c908b8ed5013616c7a2f15a76c7eca3bba8122f
0e1510eb3810dff89be65f6853b303116b435ff17420f1553182b8cc94d961ce
0e9988f428e27ca356fb935ee647c9010c5aafac1b0bddd6fa9757270b8e5e04
106e00f12d7d9f23a00ea0db58be0a367eba9607194181af2c0e86117d0ac2f2
10cc40dcb38bca647813497bbcf816cc2dc8be63acc788b647094732a3ef2665
11a53b21c5daaa20815e136afb4ce9efd0563f298f60c500f22ba45405101916
12154ae4f04266164ceeaf2ba970276422c0b602ed4953662b0fc29508d38816
127af483872f885ce78fc10c826d0368b4918bf70baccfafdb6e7c31713f5f5c
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
1555ab743d7ad5bfc38acffd473228660cb76a378f7f0166dd0b9d37317f1694
15ab3a6aa5a55a2ad00fbe9deeadec407eae230590857ee15b3c6ad496a8ef2f
168cb6d635247ff4aae2a0381bae3483c3c22c93c298219996ac1f93eb50cde5
16e7ce75396ac5d065ca1da050778e0f162b37a8496266690926957eeebbbebc
178ccd7a75136917b732bb9c96be9647d45503641869806bbf5ede7695dfe770
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18f838d2d7fcdb0cc2bf11e8c016ec130a027a931c604524b60aafb87c98808c
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1e3dbf22ec653d6007e2790ffc97cc378f5f8b920bf3c76c50016551dca94c8c
1f0961ae015216cae439ab6c766970d493be0d41221ac59d8b44f074ccd2928d
2027125ba73adc31e16ccbc439fcbd81452b0337d22c7fcd6a492e3890f4a6b4
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2096841c3410e85005c5a2a96c400bef02412ec9c73ee35cbc97d80d0279b980
20a1b6037d631c831619894b096958b7a2844252d41b0bf9d07e44675035ef0a
20d5792833082d0f85e2f04c42639163756afb385c0e4cf69b2e19139a2314d2
217b9e539bd55ad03f86545c4afc436c1d61f04aa131a4679181a3d30bde9480
229624ad9cd76da7a456326bfb601344e506ef08416fca467bbf5f2ac3f06948
22e56b7e66a75203914f5f0cb9cf1c4e95c065f101ace2189cc31de2da60f61e
2365a1c4415706420a899a6efbeda8aa7aa1567a7d35f9eb9b67f79628d0d08e
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b28f56eb83b2d202a51f58676e668a72044030f51eb691bd652b41c34299ff
28650d886026af1c4c93f50d5f9b32f1793bf3f828a6a82f66cf1b713f07e98e
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aba8f1b636194b427ff174e08152a812153724445da970fbb5119f9657cc4bd
2b174c2de49f6aa7f8b72125c63c163012b9ff34afdbdaea39b4c499e1d16df8
2b9a0d5329c389e193ed2fae53565c29490424a21402dfd02b35878841d932eb
2d9b26faf90740ca23ace600524884715fcda38cc4769864a2c2c0b57be1c49a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ea21fcaf145d663c5436dab743625556a2621d339a8e953eb5ea8c8ff7fc914
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
33691f2272bc468aed5a87b2e74f92e195d31077061595017f06137064a3fe0f
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38a57dc461d704abe6fb6058a94ae7cf1edbee3b604265895d3869a71adcf417
39c8be8e8b2b7895d4da7ed4e0fa4d89cd8e200dbb5ee886bbb7d34fb90f4f46
3bbe41583dbd2995aa57f2f02ff61f985f76285aeab4e82be2df72e4a601d393
3c086a6d21a6d4accb512b7fe4800280f35574845cbd9eb4ca151814e04f59ef
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7a3dca6cb4bccb97b70de73a8246ca11e1945aa69114a16df27df7ade0102a
3da7daeb348e147594792a28e2766e204d3123c4dc79432c78fe654dcb26ced8
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
41d4336e64b3cb39314befe13ba0192edd55cc2e05f76d731f1b9dd2a3f9f8ca
42a55578322982b82f9092c0204cd4b08eb33e2b189180eb506c1e173a21a1fe
42ae9e43ac798158a21518fd66207f78421084d000589dcfe5f57f93240a9867
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
454e275a24548d7c90f785185bef0f45a1a31227dbdf262e23663d3a1c893d34
454fd8e1f928c12f9950a1c30f29965c5fce9fb95735f3d3c6fb4349ec9c1bdf
4663fbcb6ece2376df5b0057eb81ef062d13997e5c556146e3eb2b0d918044f4
47f939d447b1f96bd45972df4f933992f168f2a4d34d981a225023cc0559f37b
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4b125c2e7291fba7e7954efe2085e4b7d7ab9a2000e39db8a9e720364c360431
4d5f7527112a0fa7229a14a053ffb3e93f902baa4497b8dc60e60f6683118326
4da1c4f9b122553bed33f4ada4915dca3f4109a589d79b327ee4dd226d78a1fe
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e82f7358ecdf8b9b7bd1ba09b899071aa026dd07192dee4bb1c3ad9c29b1cfd
4f1c901b02ff5cc2f49aa931b1bec9610f5cab6481c15fcef1fa353d4005eef0
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
51ec1cb1a1588eaf47a2053f9726ce73950171eac1204df16076bbaf3940e793
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1
573f0be502559eb5ef349ede1ac802407cd2228da8e136ab2cce5d86b9d20f6e
57909edb3403ab66ad2d1fee2fc449f04803525fb7f583bd30dfe619b3ac65f8
5897f0e4f0de03a50a32f596ca98c3c9bfb2ee257ef007db3124546b05a1cdff
5b07d4df6a5cdfbafda3066f6884fa9d7b141897e39a5f72efd40742762624eb
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5bf7378bca4930ee4e9fb8ab093c16ab60489c74376390de855b71d0c706ea57
5c5ea8c663b65d9c0a9cffc32558b896881d27aefb0cf2acbb213a554bfa8302
5cdc95d6d39476ca28f815477ec8b4f864c940703df672569fc3b42081da1e3e
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5d69634ffd80c606e7a6c37606f7a13e10c9c5eee694a8024df29a32487c62ec
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5eaddb09f331de307e587736737c57d129e68160aa2f6bab695635d054155ec2
5f50c9e9a5d8596a5adf3552efbfdc5f0194ef532616926e2a53d73e6e528631
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
636a500736062b2babf0e0fe92ca7036cff372da42acc0222a3da9fc68007722
648a63712061b4375896432b5d7a5408ea81a4c3a0037107876e229450c33278
65012936d9047ff97d6cc799a532adf69538a35af1ab714e29380d13079a0e62
65564d9d96dc3284cd96fee47dff1169c6d9fba70f9563884e8272ac02cbf6d1
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66cc8a972ab5728f86e6cfd14b21f8f5ea5c208275e4aee4aead4a57c68746aa
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6e89a4c4ad08df20576cd277d1cbf439b5ed91e17ccaf7d14d1eb5d27617fb
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382
6e8845b90125e78d8fa84f8c4c78c30789c0d00703387b1cbfda3cdf687c5a8d
6e90e39de2011c817efd32336f3a400b6fec29f919b05de16a041ca027f36408
6f3d43ba1fa9260111e1537962c6899697e6bff8075bc76ea390d19acba904dc
6f6eeba7d41a74f215acdecfb35980cdf37fbba10119b999992fb4f79e9cd16e
7073c2ac41ea187279e52fd50ed532311190e33f5bc53115c0b0d5985bae6586
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7245256dd1c75be9ff7a76a63f1c31874e5263e8b29b083fad5ec2891f29107d
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
72cbd458acb6541bae40971f2d3b61ad670847d8867089613a9b2a3ef198ac09
7336396c2e3333e50e903376898153f58ec73e122fe3414b7c03f446ba8e95af
74248e123d313a91788febd533fe7c81970a7b9a145cdaf6a71c3ab27fd62a77
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
763a7103710991882cbff5d9ceaacc5355908d83f6e88b9a0a10800286a5718c
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
772082343a8afb4bc481b2e252b6e1249bfb97ae1ddfb40e5dbc638d4a5a9a18
7731e3105eac21392a0e469d856150542f164d885ba20b00f465986705866ea3
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79a50b54ab50fca6c20f6fe556c85051835cb1c9e5076904a92ce33324db91c1
7a3bd602068c7daea0d19d55932af2b932f1c4e51b5d21188ee78b6aa6a40964
7c178ffbcb1390babbb89606e256ee6f4a296cf6af1c19ad74538077715ca873
7d694378a918429a4e72b476bab1d5204e345caa90b3fa5b46ef5ffc75c90ace
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
7fee5488f247de155c84a033494401076018c81062f48180373e3cf05ae47c69
80ce0978d5b7d3d3f109957556f3cc8d8b8a6dc5e139b91c2141b25c5c449210
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
828df8d8ddf6843a47d051c254f3614491d6499a94b6c628f9755b01b3635625
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
863fc3c532c55a73bf3c8745a700ac31ed9a44b4cc77fd59f8f5f9fe5c026e5d
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ce4cfaffdd9e11b62043557ba2744d5d99a885181c6250d6dcc890ce49d5c2b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7097b115d08aff66761cc01b8ab3a61d61edd784b71674251f3a9313cfaee4
8fb9b46fcb5342f3fac2bd5272a214a91613b2b24bd99fecf9ab4aed2828df47
9013854b5bb446878dc7fbb34f6b3d8b2eda5cec70ed60b12d36d9d70ab9df21
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
91f968f09c49a6345a7acd0902a6ece2829820ab73fee23ecfc3f11e57035c53
929cacdf110aefd4e1ebc549f553caf275c00db80c7ad62c07a5dd365e44bdcf
92d20a5c04d6e6275bfe8c45e20063b49592d62404acb6633a0660877ce09d96
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
936c6cd15149f72e7ee2ac40f9be78726cd0a9e10054ec59ceee1ff805fccf07
9370e9c821b5e6700f74ea83167aee7dd4988f1092fcfd727cb07a4db615f9cd
97f9639ee27e7951f93e6507ab9d203e2d003b72cfc06c6bcaffe3e8687bbc8d
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a012d6f3f8e2868a3dddfda6d67fe94ea26edcc937da8667dd41b1736f27165
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a
9b706436e7668d34e9e2b2e7cbaf2aff8ca6c0d07bbdb4b1bfe328fcc02f92cb
9de938b53f37d72869dfc95282a6cf8f0e13f6404992274e781c62fecf42ff44
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9e595359e6b3bd7be6af4212593e1deb5315a6470dab88914e5a1e06247aea68
9f090a586c1218b4e90fa8717695844297f6284439071c8688e0db1e5062c03e
9feea3fef7e224f01c5e035fa45418845b6113b053523fb2bdfd04fa33d2aed7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0abdc9f0cc53d83b528a3e144d45ad945de92971a647ac46cefad667325c2e1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cc6696aa07f6d30c40b78120630256a4dc0253fa916d6f8662874c52c31bfb
a58d46d853c21c8e11eb057aba26dbeeb32041b51a61d4e2c3adc86c09c08704
a5b40ab15c9b4fd99052ca5af37ce22f2379f8d2722d8e64f41bb3dc5389c75d
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6
a99ec5984ec0d266d89c0325a074ebe5c5a141dc5be84e85f22a853dd9c1f32a
a9a1c5d267a63585e27e938e2d97319bd32a33ac2efe99000b7aca65c41145ac
a9a2efb586384abd3f38091b00ddc5a8686be44da7edd7ea28ec1d0ec4958cbd
a9d343914b0f12c2a1adcc93428cc4945c9d01d2eee000642b38ca5c22fd1501
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa40ab4f89a7c52dd9cb78a8b5a293e16d06595c62ed13db9bacc8e45353b61a
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
ab7a503a470dec5a0a38adba6d3808c1bece79f94de3733d9dca78be167bcdae
ab989d8d50b5572e0277ee175d8c2cc89bf543453f53a32f729296344e843ea3
abe42187e43a02b8f2b80b04583ffbf215b2b39dd605df9fcb2bdc0508be91ea
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb5e4dca79ff517355b0b56979b43e4fc6461ccdafb1e46fa3b2f5a2a587a57
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f66dedb80bcab1bb1720527fd58ad2eb9b0b72f1c1a2080476cdaf165835f1
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b5bc1db7ed60018d990a297991ab95786d756c6eb9f7c8d04648eae382eddb36
b60deb0a2079173ef23e3525d66b6a0681b8305a2a699ae059c1f360bfbb882c
b66dee0a29302defc25d9de45dccad5911f133ac34fd0f0730d60c4b349bc14a
b68e79f20dd12410c58c35be5038fe8fb34b9c64bcecc6c2621b7a89be8d263a
b7781f6fa62c80c336671d895754a77ce8d0f5e9fe30e0b1f40d08c66261408b
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
ba49e63a1d2bb341e32ece3dd7a19990dc507078f3099227c7723e3165c4d14d
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0
bb368d75697693a54b8b1c08d99819cb17875248d18d582d0a4598ffd7bfaf69
bb682a893698420b4fe1fc74a0d17a0f8d22437ce15aa7747e9442b7152549bf
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdb4379d36bd89b8f42933e63230ed7c56a579304c63bab8dffc6f2acefc0865
be6739f2f1ffcbb8eff0966af5deb524fa126bf4fa43c7691a6ad5f751544be3
bf21c724b364a68ffa3299baa6f6014254ae6c51441f24dc2f0b818d6ad25d6f
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172
bff5f0e1d70317e19a8a5e44c239fb411011db6a8667c0abf8b0a2be9370ba80
c13be9d2e57fcd5a72964a0b7bf79a0f02734084cf6553d8f663cfea7ed2f732
c1b5edcb4325a1e9825a3dfeda051c8e5fbd285eaaf3475c597eb04eab23cff9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c2e2dea982c4ba32b3f0ae0687e602bd2069639be42e1bdcdf0c303071600b
c2e338406df7d7767265eb5d4f0974fbacf6d05ab326e08d83797e0b71089142
c2feb61e9658afad30338c5c5ebd2b10f5b0c9ded5ec08b7f911279fe8ff68ad
c3372afc57b6c3cbc817b01d0aa4690b372cb55c6021266048ebef5141fd87b3
c55d9b3489d33b7ba1907cbb7c0e20ea0f4b4db804300dda1ed32c5edb9159df
c7e43777c3637ebe3330efe852001b58edc5c6c2fa217fb65b1c3ebec8f679d1
c84dffa4e3388c57f6fe2d4786d9c31daa05ac090d60c0fbafee3b35bc1fe268
c8e703da99eff70ee901628fc4c461ccb880e9c9a1d990ecde106b3f27c55267
c93597f47f53dc63d1240237f5e29975805f3c75126cdd52f0d9ae2c3f6546c9
c9c1859cbcea4ad24f2d618310e045d37eb0674db0e406347ff5bb835d500e2d
cb20feb7873601d3c9ffc7e5dcab810ac97b6fd5964d14600c5c3ce84bfa417a
cb5f3898c937f889ac8740e9bac30d9c702ad927f1ebd4b83c8b4d9e47bb7949
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccb94442ced44bab1c606689f92a064e20497f6ff44b0a78880d350ba824b2e6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf59871c87ce926991eb9b430d0ed68972fab10078e539342186fb4986066c6b
cf7de8c404695b58f78c458dedc6d73ad88a5f69b0174789946010230c79d8f2
cfb776c956ce2c994dff3cb1e2f84304af47e78ade6286f519e0a810c22f0154
d0a099309cb5b7024a35caf026a10456be4f36c105c43f706aaeb112dc492d0a
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3890ac24302a21e7eb190eab6d9cc0df3840c76e722cbd0dbfa8e4d4b78611a
d4587b41854ad9a6da58ebcdafa01d426d1f8945810c656891cda431603a567e
d4b3cc9023f3c8daabacc14c13478f50076e849e3657e31edb32b0fa70210f1f
d502e709482059724504b737c42a8794ea20b18df1b8776fcdd4e92689e7db00
d78fa11d49d6f5896519ee387440209a4ad363f68a816146c03b732b3fd45809
d8e88d3f28585075686faf1f27292f18cc775ac912b66e6ac6618e60b363a645
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
d9aa13a53642c4a5c2939af8359106dbceb85bd44dcaff668ab3518a77056293
d9e7ede5239908c5fcbd6de89b4825812d26371ec318f93f458024e7250582be
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da9caffab89bae2574218d0f5e407391ffc56d83c4d5fc07833ae6b18b697215
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
dde6e238b723b4b0087572c65def8dd99ff0ab427f300fcf40feb9d678f72f00
dea6c93bbc5eb2ca724555eeccb47056becfdc84687400f28d38154a2ebc5fb1
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df0f6440bfff5ad7ea3b8e6a09007a50337e2e3f579efc30546391b7a7df740a
e04a7746251843cf567a9b27c7ae4d244ce9575519ff3daf328e19696d1bbd1a
e088284dd39e89bb1337765d7537f2b277beb0fdc1d32755ded1c9657ff1914b
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d29b18490bffdd97e70aa7b69024cf8c7c445aca59d852cadb8dab800a3a3a
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e59c0f735471d90ea02234c6d94ee8fb9033ddd50f3f6b50ecf238dba336b842
e6043999a1ec95206f0f922357e70d544fa9da191a363fa267372605977fe001
e644548c86792b1f90ae112c8a0377419122be9d45a03221df99c3ab3ce198c8
e6a689bb8e2ab93a922269f3a5f0f37eab89045dd6a9669bbfa30323028d2653
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e920ae4bb1b402c4ad9d31bd5c6ecb65277f6020eb801fb3441b94d87e53f917
e9ce8afae03600db59109b564730525fd955e46ce83f14bab377dfd7647d392d
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb0b44522322e3379c9c3519c63813eab096880b9860a50a17712c5f085580e3
eb8984b2c492438738712e3ac335feece4640008318654cbe35ac9ad06c41ea2
ebcc4bc4a44b563fe22be877da599d09f4901392b2359ec506b9ca3818a6d313
ec081d69e074278a6e06d15954db9b07e7a6419388e9bc82aabf66161e64b02f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec7c4c90e31092c6253cddb718655a1e3ac5f4f83425b1e16d54b25ff80f263f
ed748eabea3237e3fa0cac6fb04d0b8e64f937cf5a717105ed3dc1f3c6e0e20d
edc7421be3d8be848703191314fe053532fb8736678ba596cc9a505a0a54720f
edf77ee39ae244062a1940991c0782b8d61798908ceb9baeedd81419e63416da
ee02bda6b79afe3baee262f70c9c4ec750cad28d068e1f2834ef7dca3ef83e8b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4f039602be2038e0926a327c4d74c12faa59101f87717ad7ea6f145a11c2401
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f70f5abc18bf684f6addecfea3e23698643d31a4aed6d1fff2f336097aa1172e
f9d061f3e4ee1b8551d5d1c322ecc1e6ab2bed7c9bf06aaf17c1d0719afa2cd7
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fc67a0da87266fb0a131fadf1c593c71f2c20cc2b4f0263e256e742f36275502
fd6de22bea23412c07dea5014cb261e95a237556c30b6f3ec0a032d787faf0c9
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
ff033508b8624a0129f8ea258ac6173094026133ce8bc8a33aeb7bddcf7ab33d
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c
ff7bd2e700fb2c3b244648edafccb3871300629d5fb042a2110fef675aab3ebe