urlscan.io logo urlscan.io
SecurityTrails logo

thetruedefender.com Open in urlscan Pro
2606:4700:20::681a:842  Public Scan

Go To Rescan Add Verdict Report
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Submission: On November 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 76 IPs in 12 countries across 80 domains to perform 403 HTTP transactions. The main IP is 2606:4700:20::681a:842, located in United States and belongs to CLOUDFLARENET, US. The main domain is thetruedefender.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 5th 2021. Valid for: a year.
This is the only time thetruedefender.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
33 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:215... 16509 (AMAZON-02)
2 2600:9000:215... 16509 (AMAZON-02)
4 192.0.77.2 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
7 192.0.77.37 2635 (AUTOMATTIC)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 143.204.98.22 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
9 95.216.186.40 24940 (HETZNER-AS)
3 172.217.18.98 15169 (GOOGLE)
4 199.232.196.134 54113 (FASTLY)
9 2a00:1450:400... 15169 (GOOGLE)
3 104.154.142.214 15169 (GOOGLE)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 147.75.38.124 54825 (PACKET)
5 185.184.8.65 204995 (RTB-HOUSE...)
10 31 37.252.173.215 29990 (ASN-APPNEX)
5 60 2606:4700:10:... 13335 (CLOUDFLAR...)
10 212.77.99.29 12827 (WIRTUALNA...)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
5 178.250.2.131 44788 (ASN-CRITE...)
15 51.89.9.252 16276 (OVH)
5 185.86.139.58 201081 (SMARTADSE...)
1 16 88.212.252.22 7979 (SERVERS-COM)
15 2600:9000:215... 16509 (AMAZON-02)
4 151.101.0.134 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
21 149.154.164.25 62041 (TELEGRAM)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.125 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 199.232.198.49 54113 (FASTLY)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
5 2.18.232.130 16625 (AKAMAI-AS)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
5 185.86.138.144 201081 (SMARTADSE...)
1 2600:9000:215... 16509 (AMAZON-02)
2 3 185.64.190.78 62713 (AS-PUBMATIC)
1 1 162.55.6.212 24940 (HETZNER-AS)
2 2 35.244.159.8 15169 (GOOGLE)
6 6 3.127.209.187 16509 (AMAZON-02)
1 1 146.0.227.110 29066 (VELIANET-...)
2 2 193.232.148.142 48061 (UMA-TECH-AS)
11 11 216.52.2.39 30282 (AS-INAPCD...)
5 5 31.172.81.158 44066 (DE-FIRSTC...)
2 3 31.172.81.172 44066 (DE-FIRSTC...)
13 13 3.126.56.137 16509 (AMAZON-02)
5 146.20.128.182 27357 (RACKSPACE)
10 178.162.133.149 60781 (LEASEWEB-...)
3 8 54.36.109.156 16276 (OVH)
15 15 213.19.147.45 26120 (RHYTHMONE)
10 15 3.33.220.150 16509 (AMAZON-02)
5 5 18.157.150.79 16509 (AMAZON-02)
10 10 18.159.140.98 16509 (AMAZON-02)
5 212.77.98.32 12827 (WIRTUALNA...)
1 151.236.71.146 204720 (CDNETWORKS)
8 35 2.18.234.21 16625 (AKAMAI-AS)
5 2.18.233.180 16625 (AKAMAI-AS)
11 11 142.250.185.226 15169 (GOOGLE)
5 10 52.46.154.242 16509 (AMAZON-02)
2 3 104.111.242.53 16625 (AKAMAI-AS)
2 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 192.132.33.46 18568 (BIDTELLECT)
2 51.178.20.139 16276 (OVH)
3 3 52.18.183.31 16509 (AMAZON-02)
2 2 151.101.130.49 54113 (FASTLY)
2 2 3.125.99.7 16509 (AMAZON-02)
1 72.251.241.196 29791 (VOXEL-DOT...)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 3.217.109.237 14618 (AMAZON-AES)
2 2 52.16.229.21 16509 (AMAZON-02)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 1 168.119.168.202 24940 (HETZNER-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 54.174.249.39 14618 (AMAZON-AES)
2 2 89.108.119.43 197695 (AS-REG)
1 1 23.37.42.132 ()
2 23.79.143.124 ()
1 69.173.144.139 ()
1 2 2001:6d0:4001... ()
1 2 2a02:6b8::90 ()
1 82.145.213.8 ()
403 76
33    2606:4700:20::681a:842 (United States)

ASN13335 (CLOUDFLARENET, US)
thetruedefender.com
1    2600:9000:2156:5000:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:2156:d400:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
4    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i1.wp.com
i2.wp.com
1    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
2    2606:4700:10::ac43:264e (United States)

ASN13335 (CLOUDFLARENET, US)
users.api.jeeng.com
2    143.204.98.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-22.fra50.r.cloudfront.net
clientcdn.pushengage.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2600:9000:2156:a00:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.lockerdomecdn.com
1    2600:9000:2156:6200:a:cbb7:a940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.lockerdomecdn.com
9    95.216.186.40 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.40.186.216.95.clients.your-server.de
xn--r1a.website
tlgr.org
3    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
securepubads.g.doubleclick.net
4    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
thetruedefender-com.disqus.com
referrer.disqus.com
9    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    104.154.142.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
5    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    185.184.8.65 (Poland)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
31    37.252.173.215 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
60    2606:4700:10::6816:387e (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
10    212.77.99.29 (GdaÅ„sk, Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
11    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
5    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
15    51.89.9.252 (Germany)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
5    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
16    88.212.252.22 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
15    2600:9000:2156:a600:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
4    151.101.0.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
21    149.154.164.25 (United Kingdom)

ASN62041 (TELEGRAM, VG)
cdn4.telesco.pe
2    2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adpone.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    143.204.98.125 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net
assetscdn.pushengage.com
3    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    199.232.198.49 (United States)

ASN54113 (FASTLY, US)
a.disquscdn.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2606:4700::6810:a30d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
5    185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2600:9000:2156:5600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    162.55.6.212 (United States)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
2    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
eu-u.openx.net
6    3.127.209.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-209-187.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    146.0.227.110 (Germany)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
2    193.232.148.142 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.sender.ltmse.com
px.adhigh.net
11    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
5    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
3    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
sync3.sniperlog.ru
13    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
5    146.20.128.182 (San Antonio, United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
10    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
8    54.36.109.156 (Germany)

ASN16276 (OVH, FR)
PTR: p07.id5-sync.com
id5-sync.com
15    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
15    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    18.157.150.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-150-79.eu-central-1.compute.amazonaws.com
match.sharethrough.com
10    18.159.140.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-140-98.eu-central-1.compute.amazonaws.com
pixel.advertising.com
5    212.77.98.32 (GdaÅ„sk, Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl
std.wpcdn.pl
1    151.236.71.146 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
35    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
5    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
11    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
10    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    104.111.242.53 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
2    2a02:fa8:8806:16::1370 (Sweden)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
3    52.18.183.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-183-31.eu-west-1.compute.amazonaws.com
d.adroll.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-99-7.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    2a05:d018:d29:3601:df82:91d9:7297:1e70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.217.109.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-109-237.compute-1.amazonaws.com
nep.advangelists.com
2    52.16.229.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-229-21.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    66.155.71.25 (Southampton, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    168.119.168.202 (United States)

ASN24940 (HETZNER-AS, DE)
PTR: static.202.168.119.168.clients.your-server.de
bidswitch-eu.splicky.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    54.174.249.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-249-39.compute-1.amazonaws.com
um2.eqads.com
2    89.108.119.43 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru
x01.aidata.io
1    23.37.42.132 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    23.79.143.124 (None, )

ASN- ()
eus.rubiconproject.com
1    69.173.144.139 (None, )

ASN- ()
token.rubiconproject.com
2    2001:6d0:4001::226 (None, )

ASN- ()
www.tns-counter.ru
2    2a02:6b8::90 (None, )

ASN- ()
an.yandex.ru
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
Apex Domain
Subdomains		 Transfer
60 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
10 KB
36 adnxs.com
ib.adnxs.com
acdn.adnxs.com
111 KB
35 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
38 KB
33 thetruedefender.com
thetruedefender.com
415 KB
21 telesco.pe
cdn4.telesco.pe
1 MB
20 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
200 KB
17 betweendigital.com
ads.betweendigital.com
cache.betweendigital.com
10 KB
16 disquscdn.com
c.disquscdn.com
a.disquscdn.com
547 KB
15 adsrvr.org
match.adsrvr.org
6 KB
15 onetag-sys.com
onetag-sys.com
9 KB
14 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
13 KB
13 wp.com
i1.wp.com
c0.wp.com
stats.wp.com
i2.wp.com
pixel.wp.com
441 KB
12 criteo.com
bidder.criteo.com
gum.criteo.com
mug.criteo.com
9 KB
11 lijit.com
ap.lijit.com
6 KB
11 connectad.io
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
4 KB
10 amazon-adsystem.com
s.amazon-adsystem.com
7 KB
10 advertising.com
pixel.advertising.com
3 KB
10 1rx.io
sync.1rx.io
6 KB
10 sonobi.com
sync.go.sonobi.com
5 KB
10 smartadserver.com
prg.smartadserver.com
rtb-csync.smartadserver.com
11 KB
10 wp.pl
ssp.wp.pl
2 KB
9 youtube.com
www.youtube.com Failed
692 KB
8 id5-sync.com
id5-sync.com
10 KB
8 pubmatic.com
image6.pubmatic.com
ads.pubmatic.com
27 KB
8 disqus.com
thetruedefender-com.disqus.com
disqus.com
referrer.disqus.com
links.services.disqus.com Failed
62 KB
7 tlgr.org
tlgr.org
108 KB
6 bidswitch.net
x.bidswitch.net
3 KB
5 wpcdn.pl
std.wpcdn.pl
136 KB
5 sharethrough.com
match.sharethrough.com
1 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
5 lkqd.net
cs.lkqd.net
2 KB
5 bumlam.com
sync.bumlam.com
3 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
65 KB
5 creativecdn.com
prebid-eu.creativecdn.com
905 B
5 a-mo.net
prebid.a-mo.net
1 KB
4 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
3 adroll.com
d.adroll.com
334 B
3 owneriq.net
px.owneriq.net
1 KB
3 lockerdome.com
lockerdome.com
5 KB
3 lockerdomecdn.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
22 KB
3 pushengage.com
clientcdn.pushengage.com
assetscdn.pushengage.com
26 KB
3 google-analytics.com
www.google-analytics.com
21 KB
3 optad360.io
cmp.optad360.io
get.optad360.io
232 KB
2 yandex.ru
an.yandex.ru
673 B
2 tns-counter.ru
www.tns-counter.ru
706 B
2 aidata.io
x01.aidata.io
1 KB
2 eqads.com
um2.eqads.com
563 B
2 sitescout.com
pixel-sync.sitescout.com
598 B
2 bidr.io
match.prod.bidr.io
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 everesttech.net
sync-tm.everesttech.net
645 B
2 dyntrk.com
gu.dyntrk.com
430 B
2 dotomi.com
casale-match.dotomi.com
373 B
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 adhigh.net
px.adhigh.net
821 B
2 openx.net
eu-u.openx.net
725 B
2 criteo.net
static.criteo.net
54 KB
2 viglink.com
cdn.viglink.com
532 B
2 adpone.com
rtb.adpone.com
2 KB
2 4dex.io
script.4dex.io
23 KB
2 xn--r1a.website
xn--r1a.website
18 KB
2 jeeng.com
users.api.jeeng.com
120 KB
1 opera.com
t.adx.opera.com
410 B
1 sniperlog.ru
sync3.sniperlog.ru
516 B
1 ad4m.at
ad4m.at
1 splicky.com
bidswitch-eu.splicky.com
221 B
1 advangelists.com
nep.advangelists.com
232 B
1 adgrx.com
cm.adgrx.com
408 B
1 bttrack.com
bttrack.com
380 B
1 admixer.net
inv-nets.admixer.net
582 B
1 loopme.me
csync.loopme.me
242 B
1 smaato.net
s.ad.smaato.net
240 B
1 adition.com
dsp.adfarm1.adition.com
487 B
1 ytimg.com
i.ytimg.com
70 KB
1 ggpht.com
yt3.ggpht.com
2 KB
1 google.com
www.google.com
14 KB
1 googleapis.com
fonts.googleapis.com
1 KB
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 gravatar.com
secure.gravatar.com
39 KB
1 googletagmanager.com
www.googletagmanager.com
35 KB
403 80
Domain Requested by
50 sync.quantumdex.io get.optad360.io
sync.quantumdex.io
ssum-sec.casalemedia.com
33 thetruedefender.com thetruedefender.com
31 ib.adnxs.com 10 redirects get.optad360.io
acdn.adnxs.com
ssum-sec.casalemedia.com
21 cdn4.telesco.pe xn--r1a.website
20 dsum-sec.casalemedia.com 5 redirects ssum-sec.casalemedia.com
um2.eqads.com
16 ads.betweendigital.com 1 redirects get.optad360.io
ads.betweendigital.com
15 match.adsrvr.org 10 redirects ssum-sec.casalemedia.com
15 c.disquscdn.com thetruedefender-com.disqus.com
disqus.com
c.disquscdn.com
15 onetag-sys.com get.optad360.io
sync.quantumdex.io
cache.betweendigital.com
13 ssum-sec.casalemedia.com 3 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
13 ups.analytics.yahoo.com 13 redirects
11 cm.g.doubleclick.net 11 redirects
11 ap.lijit.com 11 redirects
10 s.amazon-adsystem.com 5 redirects ssum-sec.casalemedia.com
10 pixel.advertising.com 10 redirects
10 sync.1rx.io 10 redirects
10 sync.go.sonobi.com sync.quantumdex.io
10 ssp.wp.pl get.optad360.io
9 www.youtube.com thetruedefender.com
c0.wp.com
www.youtube.com
8 id5-sync.com 3 redirects sync.quantumdex.io
7 tlgr.org xn--r1a.website
7 c0.wp.com thetruedefender.com
6 x.bidswitch.net 6 redirects
5 ads.pubmatic.com sync.quantumdex.io
5 std.wpcdn.pl ssp.wp.pl
5 ms.quantumdex.io 5 redirects
5 match.sharethrough.com 5 redirects
5 sync.targeting.unrulymedia.com 5 redirects
5 cs.lkqd.net sync.quantumdex.io
5 sync.bumlam.com 5 redirects
5 rtb-csync.smartadserver.com
5 cdn.connectad.io get.optad360.io
5 acdn.adnxs.com get.optad360.io
5 prg.smartadserver.com get.optad360.io
5 bidder.criteo.com get.optad360.io
5 i.connectad.io get.optad360.io
5 useast.quantumdex.io get.optad360.io
5 prebid-eu.creativecdn.com get.optad360.io
5 prebid.a-mo.net get.optad360.io
4 gum.criteo.com 2 redirects static.criteo.net
4 disqus.com thetruedefender-com.disqus.com
c.disquscdn.com
3 d.adroll.com 3 redirects
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 mug.criteo.com
3 stats.g.doubleclick.net lockerdome.com
3 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
3 lockerdome.com cdn2.lockerdomecdn.com
3 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 i1.wp.com thetruedefender.com
2 an.yandex.ru 1 redirects
2 www.tns-counter.ru 1 redirects
2 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
2 x01.aidata.io 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 pixel-sync.sitescout.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 pm.w55c.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 gu.dyntrk.com ssum-sec.casalemedia.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 sync3.adsniper.ru 2 redirects
2 px.adhigh.net 2 redirects
2 eu-u.openx.net 2 redirects
2 static.criteo.net get.optad360.io
static.criteo.net
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 cdn.viglink.com thetruedefender.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 referrer.disqus.com c.disquscdn.com
thetruedefender.com
2 rtb.adpone.com get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 thetruedefender-com.disqus.com thetruedefender.com
2 xn--r1a.website thetruedefender.com
tlgr.org
2 cdn1.lockerdomecdn.com thetruedefender.com
cdn1.lockerdomecdn.com
2 clientcdn.pushengage.com thetruedefender.com
clientcdn.pushengage.com
2 users.api.jeeng.com thetruedefender.com
users.api.jeeng.com
2 get.optad360.io thetruedefender.com
get.optad360.io
1 t.adx.opera.com
1 token.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 sync3.sniperlog.ru
1 ad4m.at ssum-sec.casalemedia.com
1 bidswitch-eu.splicky.com 1 redirects
1 nep.advangelists.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 bttrack.com ssum-sec.casalemedia.com
1 sync-eu.connectad.io cdn.connectad.io
1 cache.betweendigital.com ads.betweendigital.com
1 inv-nets.admixer.net 1 redirects
1 csync.loopme.me 1 redirects
1 s.ad.smaato.net
1 dsp.adfarm1.adition.com 1 redirects
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 a.disquscdn.com thetruedefender.com
1 assetscdn.pushengage.com thetruedefender.com
1 fonts.googleapis.com xn--r1a.website
1 cdn.jsdelivr.net get.optad360.io
1 secure.gravatar.com thetruedefender.com
1 pixel.wp.com thetruedefender.com
1 i2.wp.com thetruedefender.com
1 cdn2.lockerdomecdn.com thetruedefender.com
1 stats.wp.com thetruedefender.com
1 www.googletagmanager.com thetruedefender.com
1 cmp.optad360.io thetruedefender.com
0 links.services.disqus.com Failed c.disquscdn.com
403 111
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-01-05 -
2022-01-04		 a year crt.sh
*.optad360.io
Amazon		 2020-12-17 -
2022-01-15		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
jeeng.com
Cloudflare Inc ECC CA-3		 2021-09-13 -
2022-09-12		 a year crt.sh
*.pushengage.com
Amazon		 2021-01-27 -
2022-02-24		 a year crt.sh
*.lockerdomecdn.com
Amazon		 2021-02-24 -
2022-03-25		 a year crt.sh
xn--r1a.website
R3		 2021-10-28 -
2022-01-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.a-mo.net
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-05 -
2022-03-14		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2021-05-16 -
2022-05-15		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
onetag-sys.com
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-06 -
2022-02-16		 2 years crt.sh
a.disquscdn.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
tlgr.org
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
*.telesco.pe
Go Daddy Secure Certificate Authority - G2		 2020-03-10 -
2022-04-13		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.disquscdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-12 -
2022-06-30		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-14 -
2022-05-15		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-08 -
2022-02-05		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.dyntrk.com
R3		 2021-10-23 -
2022-01-21		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-14 -
2022-06-10		 a year crt.sh

This page contains 64 frames:

Primary Page: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Frame ID: 3E3DE6CA201D806409060A8964C1158D
Requests: 145 HTTP requests in this frame

Frame: https://xn--r1a.website/s/TheTrueDefender
Frame ID: D00E65797A9A1BC36D85ACB1368B8B7B
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Frame ID: 596C36466E6D30182BAE2A1D13C1C7B1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Frame ID: EFFBD6CA0D1E304159B6318073E6EB1B
Requests: 18 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 638B252E8EC688CC11500F8F26F7ADCB
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: ACC2EB06F069D1AE7FC8DB4B0B1804E4
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Frame ID: 1559ED5318F1E8FD041AFEE24DFEA4D0
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
Frame ID: F7B84F9E8CAB28E52857AC70DEF2C4A4
Requests: 16 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 46822FFFF46440B29C1ADEB389341BC3
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: BD9A29168A6AFA49CBD2AA4926A35B5D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com
Frame ID: B05434F1202A77ADBF6134A61D944A35
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8188973B95E78558B1BFF14C5D0D5168
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: BC96CBD8BDAE0D11BDB0F474C482EB2C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 90CF5C5D6000060A1608BA1666141149
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: FB419678100CDDBF310D39D0B2718843
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 87C46BC5CAA8ECC8E6430EBDABAAB665
Requests: 12 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: F51C1431D2791116B5E8442D799BAC38
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: DBBCBB6B89A08A234462E2A2B98FE6D3
Requests: 5 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: F1FFA886F5066D1942F203BF3839BC6D
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: BD41FFBE4BAC506B3A5D575F98C5EAA8
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 588AAB0DD32EBD0906F8C4B8843D3E45
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635731319690
Frame ID: 531636CA1F8DD833677E29287CC3907E
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 3BD59750D59DE18870E450B8C87BE081
Requests: 12 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 3A572764BC50CF752EC18C08B29AEB61
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BC9C504B9773191C26D2A62D3ADDB07A
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 21BC68D58EBDAEF5198F6354C4E47DA4
Requests: 12 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2A0DF2F2C1101AF7BE03194CCFA56C5C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 7FB3F38368A3A5265E337CC46FD8898C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635731319723
Frame ID: 78DCF84B49CA5C66E678A0974B30363D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9C0099D264E3D5F3CB6B7E443B8C8CBB
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: D2F155CECCB759B173070AC4F00AA894
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: ADA1C7C92257B437FEED5368685D2553
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: C2D8207C1B348E049A9FBCAEBEFE55CF
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 02917D3BCE5DF6C3D3A5E24053DF0FF8
Requests: 12 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 3EA77347682C2490473F186AFE6E5A70
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: B95314636CD617F671D15C908B472500
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 676B99CC7E17B3568DAE17586AB62660
Requests: 12 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 5A349FCE3DCB542F0584E15DCD8A5720
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635731319689
Frame ID: 19B3943A3F52E9F15CABE03A1C584A7F
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee&CACHEBUSTER=205705
Frame ID: 29C8EC8916B775D969A55AAB9934B2B9
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 03110B7F7CDF8E9E82DFA0E50BDB7951
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 4F340E499939A830E71D008B2D6BB2EB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: AF67B3A50721DBE65B9318207F96DC59
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 7CD30F3408BA37654AA352A1D4AAC936
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 8DCE15FB36CCE054CC2111D4A87CD125
Requests: 9 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 47F7D0132238770357625EA10B3232DF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: EFA46087D4EDFFC6A0F3706C3403C67D
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: E77986E55F382D040D745BEE890F0E93
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: FBE5F0A71DF65D3F083FED92A25B2814
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: DA3E592AB4A48B30C45D4264CABCA4DA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 6049BA088E92D3CAF726E54AA0DD2D70
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 9676F148CD868F60F01862D857E62769
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: A60AD1DC785ABB47F4C80CBF1AC7E572
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: F0BFCA9E0877F232B02E6C7D22027956
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 5B0A7157425D670D9153ADBF95F73C8B
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 748B43296CEA0A9005CADF98DDBBE0D9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 1353D58AF7905FC5C7D488412519CEB8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: AC08D93E5C196538F57922A82B9BD4A4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: C816C6745E345F31046483256E1C2932
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 45807CA537620FAB962420C22008EA73
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: AAB3DF9740E65422BBAE74477EF963F7
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 00E951DA43E764823056CCC94080E50B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: B4B3CDFB040B6EDC90F6E1CE9AD6EFE4
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: BDDEFC7A16E4B31D6569194235BD6531
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Biden Almost Expelled From The G20 Summit Stage In Rome! He Was Talking To Himself! - The True Defender !

Page Statistics

403
Requests

78 %
HTTPS

35 %
IPv6

80
Domains

111
Subdomains

76
IPs

12
Countries

4630 kB
Transfer

10326 kB
Size

82
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 190
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 213
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thetruedefender.com&sn=ChromeSyncframe&so=0&topUrl=thetruedefender.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=TQBVgHxEdFR0UGhSRE1CSm8za0VKTHkzRnhwVE1JOXFaejlhVFhENHRQMjM1ejV4bUNYRFFUNmh4VGpHUGlTU2p3R0laMlY4MTVQTTgyMVlwSDc0UlZZa1VIZFllK0FKQVd6TGdEbUZ5WXhObm5BaXZPeDZDLytnckU1amhkbTEzMENGc1cyT1VQSFpRVDF0S0dSTWdITUtxTEV5TjlYVFdQVkE1TTY3dkJqMGd3U0ZOVDhkVThYVlcwUzRVWlMwdmszNGZxQjBUQ2Y4YlJiUXdWZkJRbms0NmxmUTVyVlAxbGJqN1JjalFablpQUnhTdnh3d1NmMitveE5RcFRFTTQwR0o2ME9DVjgxY3k2aXlZam5wK2JvS0trUT09fA&cppv=2
Request Chain 216
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=fkFrVXwxa2lRaWRLK2R5bmx2bXErQjYrZksxRkJHdEg2NlYyY3ByZGk5b1JtSXgvMnpxbzZLenREdFloWG1udG9xamc3RVR6eGxQcERzN3hnT0xVaWtRdHVNRXV6SUFveEducVJEUzlGdHkxak13RUJNemJ5UTdPaUJJdG1Hby9nbFB4MEFvNnQyTjRZNFpmOXdRdDBYS3dDSVplZDNwSFJBa2dsTWNhdjVLbWNpMC9QdGptS2gwWnZhanB4dE5EVXpOVlJrZ3VKM2NXZkdrUGlkUEJ6eVlqblUzTldTcTVQelFKeFdyUVVDQ0ZCR3V4Umdpc09JVm5MdDNXMGdCU3F2MkoyTXNER2dTaWJXMFFxYWpzNm1TMTlDZkhPQ1h5NmNKbld5RTlaa0ZheGhLRT18&cppv=2
Request Chain 246
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7025412537328466064&gdpr=0&gdpr_consent=
Request Chain 249
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=45D82A35-8016-4EDD-86FF-9E673E2D9254&gdpr=0&gdpr_consent=
Request Chain 250
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=bea6d3f0-2a63-4863-a682-083f342a5a44&gdpr_consent=null&gdpr=0
Request Chain 251
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=fa70d7da-8988-03d3-2c13-6d9a449b57e8&gdpr=0&gdpr_consent=
Request Chain 253
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%3D5c09b74c-07e2-4ada-a245-d453efdf34a0%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=374bbd348b16427e8c2bbb7a16289d57&ssp=between&bsw_param=5c09b74c-07e2-4ada-a245-d453efdf34a0&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5c09b74c-07e2-4ada-a245-d453efdf34a0
Request Chain 254
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6ajsFLsS64R.AikABlF82S86Vw
Request Chain 255
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8b4d96fa2b033cedb12316be
Request Chain 256
  • https://sync.bumlam.com/?src=bw1&uid=fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj7jv2LBlIFvp7KygpiJGZjMGVmMWIzLWJjNDgtNTEzMS04ZmExLTlmOTllZWRlZDhlZQ** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj7jv2LBlIFvp7KygpiJGZjMGVmMWIzLWJjNDgtNTEzMS04ZmExLTlmOTllZWRlZDhlZaIBENhdmgY6tRHshuAAJZDAZHw* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABj7jv2LBmIkZmMwZWYxYjMtYmM0OC01MTMxLThmYTEtOWY5OWVlZGVkOGVlogEQ2F2aBjq1EeyG4AAlkMBkfA** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARj7jv2LBmIkZmMwZWYxYjMtYmM0OC01MTMxLThmYTEtOWY5OWVlZGVkOGVlogEQ2F2aBjq1EeyG4AAlkMBkfA** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=d85d9a06-3ab5-11ec-86e0-002590c0647c
Request Chain 257
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Request Chain 258
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Request Chain 259
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=172ba493ac3cd383ad4dde4b
Request Chain 262
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 263
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6601327965 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6601327965 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0f51f656-4a2e-4b17-be16-8af6bf3473c9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
Request Chain 264
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e1734503-a0b6-41cf-9923-a6e65ad9bc58
Request Chain 265
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Request Chain 266
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=322d8bd1-e2ea-4f81-a5af-14c5f358b79b
Request Chain 267
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Request Chain 268
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Request Chain 269
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Request Chain 270
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=172ba493ac3cd383ad4dde4b
Request Chain 273
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 274
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=850048702 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=850048702 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0f51f656-4a2e-4b17-be16-8af6bf3473c9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
Request Chain 275
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ae3e1db8-8f0a-446c-86ba-86d4dea649cc
Request Chain 276
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Request Chain 277
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=1951543e-bab3-4163-ab46-10727e79b313
Request Chain 278
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Request Chain 282
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 283
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Request Chain 284
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Request Chain 285
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2811905930 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2811905930 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0f51f656-4a2e-4b17-be16-8af6bf3473c9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
Request Chain 286
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
Request Chain 287
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Request Chain 288
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=12a51d21-bfb2-42dc-9d18-e000beba3495
Request Chain 290
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Request Chain 291
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
Request Chain 294
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 298
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Request Chain 303
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6646108083 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6646108083 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0f51f656-4a2e-4b17-be16-8af6bf3473c9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
Request Chain 304
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
Request Chain 305
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Request Chain 306
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=87fa8b3e-aef7-4cbb-be7d-a54af99ead49
Request Chain 308
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Request Chain 309
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Request Chain 310
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
Request Chain 316
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Request Chain 317
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Request Chain 318
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4942660274 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4942660274 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0f51f656-4a2e-4b17-be16-8af6bf3473c9 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
Request Chain 319
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
Request Chain 320
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Request Chain 321
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a1523f1a-fec2-4d56-97f5-636ff2b0c427
Request Chain 323
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Request Chain 324
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
Request Chain 325
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Request Chain 346
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX9He08mG63Ryzj4R9.cKgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
Request Chain 348
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Request Chain 349
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6890177231130174202&uid=Q6890177231130174202&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 350
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635817723&gdpr=1
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
Request Chain 356
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX9He08mG63Ryzj4R9.cKgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
Request Chain 357
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Request Chain 358
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 360
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YX9HewAAAVArRwBG HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YX9HewAAAVArRwBG&gdpr=1&_test=YX9HewAAAVArRwBG
Request Chain 361
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635817723&gdpr=1
Request Chain 363
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cLQAABJAAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cLQAABJAAAAIB&dcc=t
Request Chain 365
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9He08mG63Ryzj4R9-cLQAABJAAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
Request Chain 366
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX9He08mG63Ryzj4R9.cKgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
Request Chain 367
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Hw8hIMKs1MHmrh5&gdpr=1
Request Chain 370
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 372
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
Request Chain 375
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX9He08mG63Ryzj4R9.cKgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
Request Chain 376
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a7772fb8-13aa-4e81-9fa1-ebc7de1c0400
Request Chain 378
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKrIU7C_o8AAB7TPZB7vQ&expiration=1636940923&gdpr=1
Request Chain 379
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638323323
Request Chain 381
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=5c09b74c-07e2-4ada-a245-d453efdf34a0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=5c09b74c-07e2-4ada-a245-d453efdf34a0 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5c09b74c-07e2-4ada-a245-d453efdf34a0
Request Chain 382
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
Request Chain 383
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX9He08mG63Ryzj4R9.cKgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
Request Chain 385
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Request Chain 387
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638323323
Request Chain 388
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 390
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 391
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=d85d9a06-3ab5-11ec-86e0-002590c0647c HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=d85d9a06-3ab5-11ec-86e0-002590c0647c&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=p5wbrxVCjLSGlGWGKNRDog& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=p5wbrxVCjLSGlGWGKNRDog&extra2=aidata HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=p5wbrxVCjLSGlGWGKNRDog&extra2=aidata&google_gid=CAESEDuW77BOoigzFbfPa200E8g&google_cver=1
Request Chain 398
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 401
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/205705 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/205705
Request Chain 402
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee&expires=60 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5c09b74c-07e2-4ada-a245-d453efdf34a0&gdpr=&gdpr_consent=
Request Chain 404
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Ffc0ef1b3-bc48-5131-8fa1-9f99eeded8ee HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee?redir-setuniq=1

403 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/ 		222 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0428c13ff57781d86804da6cedb692094c3b6d893b241a21f9e8a4205e252b15

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-type
text/html; charset=UTF-8
cf-ray
6a717642b836d61c-MXP
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://thetruedefender.com/wp-json/>; rel="https://api.w.org/", <https://thetruedefender.com/wp-json/wp/v2/posts/34394>; rel="alternate"; type="application/json", <https://thetruedefender.com/?p=34394>; rel=shortlink
vary
Accept-Encoding,User-Agent
cf-cache-status
BYPASS
cf-apo-via
origin,no-cache
cf-edge-cache
cache,platform=wordpress
cf-railgun
direct (starting new WAN connection)
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
x-pingback
https://thetruedefender.com/xmlrpc.php
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5fQAs4N9jLY586saLGeNx7wbTSDRVX%2BBReHir1syz%2FvTEwR3oU9MemqXpCHFjM%2Booap8qnr4ewgFihCK1h3qfEIHFeBPvW%2BfbroDvA5klwWRai9wdDDeFJIxu1pi1Okb%2BFSSenjrEN42Zo9sYR5bmw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
cmp.optad360.io/items/ 		2 B
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5000:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified
Thu, 28 Oct 2021 09:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"99914b932bd37a50b983c5e7c90ae93b"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
2
x-amz-cf-id
kWivJYBYT_KOmHW84PyBf-vOKWEIGo3Dk-ceA2lsvll5j8O7mdrdyQ==
plugin.min.js
get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/ 		384 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b27e0fd58dabc8c58c7944cfda0a7fcdefcab27547fbe4d939b27d93af483ca2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:01:17 GMT
content-encoding
gzip
last-modified
Fri, 29 Oct 2021 09:22:37 GMT
server
AmazonS3
age
2843
etag
W/"274e65d5213db929459b72fc2944ec63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
CVw-2-ok3TOw2xcebI8pjIIcyuKVHceTSfZKcsC26AmAPB32BBelmQ==
this.png
thetruedefender.com/wp-content/uploads/2021/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thetruedefender.com/wp-content/uploads/2021/01/this.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2149
cf-polished
origSize=21749
content-length
19502
last-modified
Tue, 05 Jan 2021 23:49:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3TlzKfuPy%2B4lPKW4JidiaPFZVrH%2F2U8nTl755O%2Fz6j%2B9Xc8LqrkZNTCKH2fFWKL%2FpUqRJFQmoDGsdP7Js%2FolwfOfyJwmSGpTYXY6GzuCEj12DWIXsGDtpZeDUmHOPAlgpGDexq1MNWEZiIxkl%2BiZw0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a717648fa69d61c-MXP
cf-bgj
imgq:100,h2pri
Capture-357.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 		266 KB
267 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/10/Capture-357.png?resize=780%2C444&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
f7d50018e8f90fed92e85b97dd6f8f6294c488c7de11ee92bec3923dbe692d4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT ams 6
date
Mon, 01 Nov 2021 01:48:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 31 Oct 2021 12:11:34 GMT
server
nginx
etag
"9826ca3e4ae5b362"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/10/Capture-357.png>; rel="canonical"
content-length
272278
expires
Wed, 01 Nov 2023 00:11:34 GMT
tielabs-fonticon.woff
thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXuObK9OeSF8sm6wu0nZjgqmHAEu22H3bWkiGCnplM96IZzKVRhUN0eXXgxznme5yVENPgLfymuZOV0Y6Kj83ZT475QbGPcffegV1oUSVhXrcG0IZ9EDgy3T4I5mOVGXPS8fdGBB83ahaeEdnjUHKZs%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176484a08d61c-MXP
fa-solid-900.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmGZAx4BQJ4Fe7fDJy6gLbIQ5o1Ra5R8hsoFbTuNjV9vPijFvQrbflQT8zaJII%2FfjGPikK1%2FBDG3NmxNkCCwSkwhqQkT1%2FEuDGMU1Lh5o2aBcki3UTjDUEz%2Fz0Sx1ja0G0%2FC6P3Uz6f7bCGIiVOC4co%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a0ad61c-MXP
fa-brands-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEMYbVX4%2FE%2BKFwdzFSZRGXD12vj9j8ejdTlnMhvOf4Kw9sJ4W%2B%2BARGnAmEOH0O%2BF19eAohRFM0PYitXd7Can6DAEa4SjcvRvCZ8a2l7%2FjS4uJ3lwj22SqoEuXF%2FGJwNiJoshRsrYWFXuGktEiLoa%2Fn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a0bd61c-MXP
fa-regular-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Origin
https://thetruedefender.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83h6aN4ajgxGt1sMZGK0J0Jyem6ytac673XgMo4C6eOnZEtsJNb4chF5j0PT8qIAHq%2Fg5TvWGZ8xvW6P9BhKSqgQ%2FLdduMuj8FALVs%2B4%2Bv4DoOXeSWXQ5I0e3VoHCT5kvB1ZJtb4vjjqHstYH3hZ15M%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a0dd61c-MXP
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186892928-1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
202cd96978dd79f15c51e076087b0493a118b345aab51117f7d0992bad5a7ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35743
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Nov 2021 01:48:39 GMT
frontend.min.css
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=6.6.2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 22:03:52 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkK4x0ca5xN0emeroPnQxJPahGhTuUmLy8AAbLxEclONqhftpFbNYFDqDYrHu8DjgDAMms1haqDeOxNqJCUdwv2hxrD5%2BYwNMHmD6PzFfHq0xup8WiHCuRERLQ0zvCxjXDEYOp5yt1aOKEKHdTxWOXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a10d61c-MXP
base.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfDJ4%2Fq6n5FgTGZO8B8RCj2RX5BBmR2284I0lC1x%2FAH6xmM6bgl%2Fc%2F3ECb21G9rnPeqUcgVl9HoJbsmp7X0KdReAkFPekImxiAG1pNX0Gw3k1wxQ0SMMzc%2FOyG%2By5JJjBUuEljbgOmebMTZCW7BcXMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a12d61c-MXP
style.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		171 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0nv3IwJz5Z7tEP29R%2F3lzeMLqXCpdjX5ZJitKblUN0Ftc6AsGTnCks5bhVNTs%2Fk9tXecgCzZ%2FSg2dpXjbOwcGoqC64Je6z33u8IazbWcqZqaeDbsCE2tc48XChznxQsiqeftLrgaXkk23QptXcnols%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a14d61c-MXP
widgets.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4N3B%2FH4ZxJ6l6nY4QJuLMz5qZoUfM0sz79wgjpRL%2FTCJroOT12kBgurke8G0w6jGNO6S58rtFKUMgfLf%2FLdrJYl9OGpNwbcbZAkluWTJT591qj5%2BiOEQ1AmV32m1UGRBGwhZrWTuTB%2F%2FJZh6npBOYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a15d61c-MXP
helpers.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQQQyXbVkjPX82ZfKHra0UXnmbZF4HDo6NNy8pHGrJSN8qOnEW%2BkNIj%2BLfvcpImVf84bupkKlbt0V773zwZ0zONzBEWzV3X1z%2Ft%2FTvCo6lMScaB3aAxIVfDllXyCa%2FAYpIT9YjFx%2B3XLg1I5d0t%2FtZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a16d61c-MXP
fontawesome.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
cf-polished
origSize=58662
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JeTsOO12ruOednEVoz7T2M2o76I%2BVjd%2B9rITdwFxySjzJaGp%2FJcFV16hTMMNHbMWw0Zy6qMHDwW21tI99ej8IAcB5G5BwuABMosCJHjzqn8TUwf%2Fr0K9DnZz1KqzkPcFJrqdcMrw86Uq2zqgA0Md0c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a18d61c-MXP
cf-bgj
minify
skin.css
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
cf-polished
origSize=12018
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwAcVMK4Ft3jIG1VhVn4uSPyQeNKlvFXON6Zev1DplxfknnuZSJD6j3AUDe9ymPZhxNILkykK%2BA0n82TfdA1w2TtgHim0urHD6eG6HsAjEfgCwU9gDak79yxsRgQFWtN0%2FjDDcW4vtnZLmA7jOMwHGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a1ed61c-MXP
cf-bgj
minify
shortcodes.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLP0fXb1e%2F9Ok%2Bf5lP8DE%2FkQrAdAE8pmO4a%2FZosVjlC9cZFMun34B%2BrVFPu8HWudZaEQDTBX3hsMaTM4JrqwLCCPXo4Qmo7P%2FcqRheq4iQuZwvkuOFUniuJPxIl9YERivml3cJUKCiKH1Uuq2UzWoq8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a1fd61c-MXP
single.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EEt6fodZ%2Bv9kYjqxL%2Fr31DXtAQbPLyb7hwa%2BoU6z8I38t0jaRwNmE%2FoOp0NhWFlytrm1rEl%2BTzGmsscc%2Bh%2FnkG8QIiiDAMdXmqZQCSICsgshA0qlmrJFcdDkoImfsNx3rubvpGb6F3y%2Ba15g6yXCyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176485a20d61c-MXP
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186892928-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
6485
date
Mon, 01 Nov 2021 00:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 01 Nov 2021 02:00:34 GMT
wp-emoji-release.min.js
thetruedefender.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 12:55:33 GMT
server
cloudflare
age
2149
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcmGuBhZvcUzGXROgnk7ksHbvB8Pqp8vUHzjq6%2FzjThEYBaFAwzuNoUpn76NmwStqztmKLdP3TXW1FtnE2RDnlrQXveLWR4Yd08SWj1R390bOnEyJzIyitQffp%2BqoS2hmsXg97KxME5HJPF5mLMdWrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176498aa9d61c-MXP
print.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 		2 KB
937 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/css/print.css?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2149
cf-polished
origSize=2175
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppgckA6Ec1xSLiFuE46rUDR8L8JN9je24uyw1Sd7rJjCZJ%2FXGWuqYomZ3ry9nwVatPdsf5jgOHkFF8%2BGK9lHHrqd8%2BKwh0iVZEcXm9vUUEcY6d2TpzTdB98IXZXRqN%2BUra1tq0JEFuOhClj9Orq%2BL08%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176498aaad61c-MXP
cf-bgj
minify
jetpack.css
c0.wp.com/p/jetpack/9.5.3/css/ 		75 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/9.5.3/css/jetpack.css
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
last-modified
Tue, 23 Feb 2021 16:08:42 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Nov 2022 01:48:39 GMT
frontend-gtag.min.js
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.6.2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 22:03:52 GMT
server
cloudflare
age
1496
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YvuTHZ5aPImATu4f6AlE10l7H7v8hxFNZBYl5XZs41jJbhJFZeF63fdcIewE%2FnDUqB31S5MSep4LeDKWAIXLe8mfsO%2BCloYVKC5Nd3SU%2BXWGE%2BpLz1Gdac%2B1RjfK%2BZbCTebJUaEAgVIwPEEKHgxyRw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176492a7dd61c-MXP
jquery.min.js
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Nov 2022 01:48:39 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Nov 2022 01:48:39 GMT
frontend.js
thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/ 		439 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/frontend.js?ver=1.2.3
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Jun 2021 12:31:13 GMT
server
cloudflare
age
2150
cf-polished
origSize=1539
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZXM7Da%2B7Ktm%2FwAEI3XZRJ2%2Bl3uSm8PpTB3YIRBffpe%2BkocuKHleguoms8%2BlCbB9RGdlCpYL8lu02yfXmW1G21bVJ13ez4iSaZFyfNw6ioj5jbdtK5f2eXLa1o%2BEyq%2FWxAFG9gW5YtABZ1BNdGWDi50%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176492a7ed61c-MXP
cf-bgj
minify
jquery.form.min.js
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.form.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:53:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Nov 2022 01:48:39 GMT
just-contact-form-ajax-script.js
thetruedefender.com/wp-content/plugins/just-contact-form/js/ 		388 B
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/just-contact-form/js/just-contact-form-ajax-script.js?ver=5.8.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 22 Nov 2020 12:53:32 GMT
server
cloudflare
age
2150
cf-polished
origSize=463
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJYYbkFcqGPiqzNJn2CL8SNMT%2BbhBNorQjuds6NGyAhLqkTeIThApfa2XZ8zGxKaj7y3tFCbSEf8cMuT%2FnBAsD50X4vF28tnqeqioUCAWayaRy73psbmNceWft8YGCsurtyTWnTJfyCxDdU5XIL3flg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176492a7fd61c-MXP
cf-bgj
minify
/
users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/ 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:264e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
76c5af278930130ec960bad13ef702aacf39b6bf8da552eceb8afd437c6b5178

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
3288
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
cloudflare
etag
W/"589e3-fnHbEIavSRhgLDDn779BEqH9M/4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 46c9f6285b432bb7ca825d1b5670a6b1.cloudfront.net (CloudFront)
x-cloud-trace-context
78a1021d5fc3dc577ddbb4dd5530fe17
cache-control
max-age=3600
x-amz-cf-pop
MXP64-C1
cf-ray
6a717649cc97374c-MXP
x-amz-cf-id
ZmJI3_EnIPMTkHSSmr3MhtNEH0EARpsOPKetpEAmKbIV8vWdNysWyQ==
email-decode.min.js
thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 12:26:29 GMT
server
cloudflare
etag
W/"616eb975-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgS1%2BVXjVdJ30EniivbhSb%2FNnVlZFIRobmR1%2Fy10eV87z%2BlIWkdHsJV5IRezaAGvWBsIB74JCbbH%2BMNoSsOBWPD5nswglOCNGnEyxefDy8LkpOTZMUJgZljjq4%2Fba3qqb8Ycyf%2Fo6nKulLdjUvHENrk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176496a8fd61c-MXP
vary
Accept-Encoding
expires
Wed, 03 Nov 2021 01:48:39 GMT
photon.min.js
c0.wp.com/p/jetpack/9.5.3/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/9.5.3/_inc/build/photon/photon.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Nov 2022 01:48:39 GMT
comment_count.js
thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/ 		708 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 12:35:35 GMT
server
cloudflare
age
2150
cf-polished
origSize=889
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxiNS1Nq29rzQPRi7W8IRZAUUlXcVKAnCpvvLNiiRqbHbMvsbvrNXQiCRRY1VZUnjOpDCwFmAWaPRv7%2B2%2FYV%2FxFRgeP22Q%2BJbF2kudvegstRJt5Nxhe9rt157qp7cRb7Oyy45TFGytCMbnSN1aVD%2B88%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176497a9ad61c-MXP
cf-bgj
minify
comment_embed.js
thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/ 		878 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 12:35:35 GMT
server
cloudflare
age
2150
cf-polished
origSize=1232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FPvZP%2FAIPiFKO5oEnYkjHvIkxi5lCyW4JfNX93Q98Br6kJTFOFxivsHeRyca3pF1bKj4vgiwHMrEzlD9W5nvJL%2Baen080Y%2B%2BT67gKUYUj6YtkjuIZOaDn1HD77AcVmel8GF1gzx3DMtgur9Ta7iFck%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176497a9bd61c-MXP
cf-bgj
minify
6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js
clientcdn.pushengage.com/core/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/core/6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js?ver=5.8.1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-22.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
80b5f56879cce5196b2c10bf238bd7e83df53c26ecf581637249d0ff8c28d770

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:47:09 GMT
content-encoding
gzip
server
nginx
age
90
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=120
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
yLmLx5jyN37eAGLnNi5Wo2orQtzn2MiMqIonKXRBULSGNSO9qIs8jQ==
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
intersectionobserver-polyfill.min.js
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Jun 2021 12:23:44 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1%2F3V9ewMnJvy41X02wHQoEy3Q6raYjiZHjYgAnKeKkBiU4CXAx3z947vVFPkcVkr5c9CfD5EqaRuvefaS%2BFNPlvTPJfwZ5gzwTIOL8vLCywXV%2FZXBeLf0e1GHmcoZKYr5JdQdsyBvau6tYPJugiIVM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176497a9cd61c-MXP
lazy-images.min.js
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Jun 2021 12:23:44 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Go59qR6MYXa8nd74kUPC0slMeP4V3LUE5RLBfvToQb0mhPNKcFNv9Ty2yWhhbwFoOuyrJ%2BeCIWvg0ESA0A2aRBbsbEXsFmEdZ0cE02YXPY1%2B9ogd8S4izw%2Bg7g7lAxKgUq3O1mXYtbuQ9TPGnYVp0OM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176497a9ed61c-MXP
scripts.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WugK6o%2Fo78EtX%2BZckAdJhfs5OU9V5KSLaTWrIJMuldnOqew3YarWI8ZNxjtX8l0YvTvvNPg1RfFXmQ0cuVnlXVMHttRoZwoP1jyhUn8QEE6n1iDw0kscPYU9f6BCnaelydilzAJSdCHtCgrPjWVz%2F64%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176498a9fd61c-MXP
lightbox.js
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/ 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
cf-polished
origSize=81423
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BRZ5KHQdHQ60LMPq0FyHdm4FRX60gTnZU2QemJJnmdLyrf9ZCLG224VDgWpDw%2FaLrHeYfZFyDW%2BoEPGnsOCNXZS4qwDw5G00wsrs9oXZl5g1cqWVFxG6hW%2FOx3d1NbibtrugKU61axOtD0bMwjuK6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176498aa1d61c-MXP
cf-bgj
minify
sliders.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WZc0szZJgXaGgZYJh%2BwUrNCsy0lpjEjhFG5o%2BW8lqtk31cj17avcKF4ULElQLm8%2FIYcFA9K0iMH0v0ueLstHcMwhVbfTtFeLyVmRPM4yWcPl%2Bj46bhqlvqyWxRokuO28iT347hmLm5lZAIsi2P8Gtg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176498aa2d61c-MXP
shortcodes.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
cf-polished
origSize=11181
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHuUkmccBHrunCFEHxJoUXHq5TaqkW%2FEYrxLokJcSHq7dou0yCBYikJutMl36xjfcTpbM2E7%2FdbgnkO%2F8qTFeuMpnpV9yg69qXILi8ZmS82dtKpi6%2FmjBr1gMS7MvSWG78oLcMgUaTHHK14R7RL0L0A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176498aa3d61c-MXP
cf-bgj
minify
desktop.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
5621
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGPMgvgzEdjJ1tzVcbwzNLUI63s02YOFq61WB%2Bv6pRvj%2BOQgjhjmYAYAb3%2BIlh9wAyetHFK2pfvtARDpkToc269tTbOW5xHyf5XPnbBfwXQRpYuGwxIwD5enLXuNySNkOoX2ZLiUh0cBgbOU7skcmu4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176498aa4d61c-MXP
live-search.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
5621
cf-polished
origSize=14601
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTekE3Y4WGt9mF5c6dwynO1IWsBKPlPKFcxUqii3har52AKfdYQAb%2F7iqvhjRu5A6baPzEuH1OjuS7xRKg0TjxjBIycm1S87%2BPSWhMtiFMRvRASbP3%2FP9jqFvFHLBfwzBq5mqjc2ZN3FgtUNYk8%2F77U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176498aa6d61c-MXP
cf-bgj
minify
single.min.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwuF7X75U%2FRKOwZgYk4EhZPmLxa0IwtiSjjw04Q7AEqv0oIUgw2aJ%2BMPBWpsr0NuPsaPWsMpNzicQNV8q3KzFbeZUU0F3MstytIuRJm1%2BMzwGUgmJLDoQVXufAWv%2FsiNXeSWXZLiq9ZNO9pAJxwgURg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176498aa7d61c-MXP
comment-reply.min.js
c0.wp.com/c/5.8.1/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/comment-reply.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Nov 2022 01:48:39 GMT
wp-embed.min.js
c0.wp.com/c/5.8.1/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/wp-embed.min.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 01 Nov 2022 01:48:39 GMT
br-news.js
thetruedefender.com/wp-content/themes/jannah/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender.com/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.9
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 21:21:28 GMT
server
cloudflare
age
2150
cf-polished
origSize=5594
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CL8jPdp6orOW9bwJ9esq5gg1o68Mrwdv9lPIlzKkGhtHl0ky6OYSeeioxZGvDkMBJqlNwSCHfiAWYw5tNbR1QvxFse9XTkwxgL5AlD3JKno5V8OyV0hb0OWCwkgwGkmj1PaPDZykExu2X6TnnoFBn9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a7176498aa8d61c-MXP
cf-bgj
minify
e-202144.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202144.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT hhn
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 24 Oct 2022 05:44:33 GMT
thetruedefender_thetruedefender_sticky.js
cdn1.lockerdomecdn.com/embeds/ 		1020 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 04:40:52 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 16:39:44 GMT
server
AmazonS3
age
76068
etag
"5bc9056f1e2006913082934b4e7f8720"
x-cache
Hit from cloudfront
x-amz-version-id
5SJgwcOSQVDADRfSedXeHumqp.bTbaay
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
1020
x-amz-cf-id
XeAkmNPIhS4Vx0JM7v8aXYhR6zH_sfXRmLrpxEfomLkpLpxN504BgA==
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6200:a:cbb7:a940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 02:03:28 GMT
content-encoding
gzip
last-modified
Fri, 29 Oct 2021 19:55:39 GMT
age
85511
etag
W/"14f4-17ccd9f44a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
aRuBQBdhh14YTClnpZ0nrVZdcVhh79HZg68sS8hjadkx9KddjgBLxg==
TheTrueDefender
xn--r1a.website/s/ Frame D00E 		107 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--r1a.website/s/TheTrueDefender
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
bf72ba0b566ecbe65620ed97fdaef5efae0a235f48d845a25a33888a4e47ef84
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Server
nginx
Date
Mon, 01 Nov 2021 01:48:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
no-cache
Cache-control
no-store
Strict-Transport-Security
max-age=35768000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
social-American-Airlines-generic-20.jpg
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/10/social-American-Airlines-generic-20.jpg?resize=390%2C220&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
c473a2b5a7895fff511ea06f4455362e3f3ad30699564b79e3c4413dfcfdab01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT ams 5
date
Mon, 01 Nov 2021 01:48:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 31 Oct 2021 06:50:07 GMT
server
nginx
etag
"1f2f4d25560167ff"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/10/social-American-Airlines-generic-20.jpg>; rel="canonical"
content-length
7684
expires
Tue, 31 Oct 2023 18:50:07 GMT
Capture-358.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/10/Capture-358.png?resize=390%2C220&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
2dcda7a0ad7fa9d3a2380fc217467ed666b3162e1a875f3a354e7a68ad20e040
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT ams 7
date
Mon, 01 Nov 2021 01:48:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 31 Oct 2021 12:34:01 GMT
server
nginx
etag
"7163a4a79e77a8bf"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/10/Capture-358.png>; rel="canonical"
content-length
80468
expires
Wed, 01 Nov 2023 00:34:01 GMT
sWMKxJSjfo8
www.youtube.com/embed/ Frame 596C 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
4dba1e011745c1bec0b32691b466bf85c8972935bdb186a45fc96296136b23d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1030 / 973 of 1000 / last-modified: 1635545062"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27294
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 01 Nov 2021 01:48:39 GMT
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 26 Oct 2021 13:57:28 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
474672
etag
W/"6dd0a13bde35d2daa452bba998871016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
-XJQjbJNI6pR3zh8zh_dMhTGC3deMOYWDx-HmGd5AmwGp0uFXZBhtw==
count.js
thetruedefender-com.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender-com.disqus.com/count.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
63
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 28 Oct 2021 19:06:48 GMT
Server
nginx
ETag
"617af4c8-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
_Lf_aQWSSp2qkXznM2kYav8BYGvaxzESWwOJ3Q2utZPq78EdavXqcg==
embed.js
thetruedefender-com.disqus.com/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetruedefender-com.disqus.com/embed.js
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
59274b2a317083b284de199623f83dde26f71623d3c18555d70b9580e6f4943f
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:39 GMT
Content-Encoding
gzip
Server
openresty
Age
34
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router_gunicorn
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24524
Cross-Origin-Resource-Policy
cross-origin
sWMKxJSjfo8
www.youtube.com/embed/ Frame EFFB 		58 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f84c61e99a5aad0342783ba8276421b954977e38b383aa6f2e41bebb12c3f6c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 01 Nov 2021 01:48:39 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sjs.js
cdn1.lockerdomecdn.com/embeds/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/sjs.js
Requested by
Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a00:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
.wYtctBP_XBnIa5iny.dScquLAjeZQyF
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 16:45:53 GMT
server
AmazonS3
age
320
etag
"4b1238444af4e820876b6750a0d87dbf"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 01 Nov 2021 01:47:02 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
17533
x-amz-cf-id
6uUgmUDLfmr4Mf1gHH02zW_IBuLxOzYlvUEgP6MPCwB6hXNUDiQfdg==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
581
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 01 Nov 2021 02:38:58 GMT
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.5.3&blog=189343063&post=34394&tz=0&srv=thetruedefender.com&host=thetruedefender.com&ref=&fcp=1165&rand=0.6319302048311537
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 01 Nov 2021 01:48:39 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
13997836195017830
lockerdome.com/lad/ Frame 638B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Mon, 01 Nov 2021 01:48:39 GMT
14009642120598886
lockerdome.com/lad/ Frame ACC2 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Mon, 01 Nov 2021 01:48:39 GMT
entities
users.api.jeeng.com/ 		236 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/entities?description_md5=&domain_id=0Lvxx4MBY1&image_url_encoded_md5=&image_url_md5=&published_at_md5=&read_only=false&sdk_version=4.8&title_md5=&url=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F
Requested by
Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:264e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
84d8f388cb532fa03d78de854a9f98fb6ef603fc0775c9c915ef889dedcb41e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
via
1.1 cbb1b4dc70fc5f87e7b215dd4f3252e1.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
MXP63-P3
x-powered-by
Express
x-cache
Hit from cloudfront
content-encoding
gzip
server
cloudflare
etag
W/"ec-jJABx6+qo6c/q5getUXU3/G3rCA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
c8eb7d4620d34bc80a2d553f517fdac1
cache-control
max-age=3600
cf-ray
6a71764b6e9d0f76-MXP
x-amz-cf-id
BBw0LdtyjpINBUWtSXo4d6YFGDD0GMNYPf4IPe2VLqQ8pi8lcBo-sQ==
01552dc04c1d234a01413add9d8d09cd
secure.gravatar.com/avatar/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/01552dc04c1d234a01413add9d8d09cd?s=140&d=mm&r=g
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0111ef8fb7bab66f02ebb76acf1c20ebff86c7eddef1834b50529d3396410c26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
HIT mxp 3
date
Mon, 01 Nov 2021 01:48:39 GMT
last-modified
Wed, 17 Feb 2021 14:09:30 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="01552dc04c1d234a01413add9d8d09cd.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/01552dc04c1d234a01413add9d8d09cd?s=140&d=mm&r=g>; rel="canonical"
content-length
39893
expires
Mon, 01 Nov 2021 01:53:39 GMT
Capture.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/11/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/11/Capture.png?resize=220%2C150&ssl=1
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
a2601ca32610d643f60e5cf25ec5871ea07cdbfdab0012d17cdd9f23c9bd9845
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc
MISS ams 4
date
Mon, 01 Nov 2021 01:48:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Nov 2021 01:48:39 GMT
server
nginx
etag
"1371bdde238d243e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://thetruedefender.com/wp-content/uploads/2021/11/Capture.png>; rel="canonical"
content-length
30522
expires
Wed, 01 Nov 2023 13:48:39 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211101
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde8d8d5c56eb93e433b3b333cb6cbab4e98448622c6738f28264f66657164df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
38861
x-jsd-version
1.0.1147
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19170-FRA, cache-mxp6958-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69b-+7Buvc1FuMFlzBk7+4iub7C2hks"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a71764bbd705a31-MXP
localstore.js
script.4dex.io/ 		483 B
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1187173
x-amz-request-id
txa9f7a43a20cf4c4c9390f-00616d2a11
x-amz-id-2
txa9f7a43a20cf4c4c9390f-00616d2a11
last-modified
Mon, 18 Oct 2021 08:01:51 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfyUCX12%2Fr19IUKNnBOJpHkoF6tpvUDsH%2BBSuGqbvQmGQuD30eJcVb1qStBh%2FrT2LA1SJcGgByadH3MmpXlmDgDYv2VMX2GkuoUI4sn816rurIl0w4OD3EZLjTQGSBBGgHlvO3AGGw9kBX8q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1634544111259554
cf-ray
6a71764be8a2e907-MXP
c
prebid.a-mo.net/a/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
14
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
cde2f59f96d0942bb5b2e7f286a46b73fc392caefb9c037c6e631c522c8e1dcb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ad4feb12-8cc1-4f48-9fbd-8ea5bb9bcf00
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
apacdex
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a71764bb967177e-FRA
/
ssp.wp.pl/bidder/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
prebid
ib.adnxs.com/ut/v3/ 		139 B
824 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
5576184f46f1849cc7807498bec4c70ca5ebc23171b04ca8ef61265443728b2c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
c561ab77-dc26-4369-870c-2de3aabbbf98
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/ 		0
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6a71764bba9a695d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=20801440661
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid-request
onetag-sys.com/ 		15 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
81d657bcaddad398f9324eb7b82be51e3bb5893d8c3669ca766ee2baa55a2987

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b9%3b62
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
adjson
ads.betweendigital.com/ 		2 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=16517281300
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
c0c3fbbc9f124fcd13db136627470ef5deb4f956c05456e0c294c85e4b9916c3

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b13%3b113
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
adjson
ads.betweendigital.com/ 		2 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
apacdex
useast.quantumdex.io/auction/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a71764bb968177e-FRA
v2
i.connectad.io/api/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6a71764bba9b695d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0395cb34995627b7a16ec7e822168737dfd7fee33684c8d85cd5b487f39b3ac0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
281ac7f9-432e-4520-b86f-7042e7e6c3dd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
0
vary
origin, Accept-Encoding
/
ssp.wp.pl/bidder/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
prebid
ib.adnxs.com/ut/v3/ 		138 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
724734608f337327557662c7222b4a416e467fec061e33588f977a4adf58dae7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
760e5720-4cd9-4899-bd41-6167afbfd88f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pushengage.js
clientcdn.pushengage.com/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientcdn.pushengage.com/pushengage.js
Requested by
Host: clientcdn.pushengage.com
URL: https://clientcdn.pushengage.com/core/6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js?ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-22.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
c3d8f1101a790ab1233144c17ffcd9e31d648cd90a92cd96fafe64522b1916e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:43:52 GMT
content-encoding
gzip
server
nginx
age
287
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=300
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
-0XgnbQZslmmB1mxzeJF07rsdWd36aQ94IhY0psl0UO1wE6M-o7mXg==
via
1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
pubads_impl_2021102501.js
securepubads.g.doubleclick.net/gpt/ 		356 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122594
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 08:35:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 01 Nov 2021 01:48:39 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		125 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thetruedefender.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
f6d836acd1e04a5a600e876f874a681d1590b961b051390c62b61fe6d8570f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
expires
Mon, 01 Nov 2021 01:48:39 GMT
14447308783736934
lockerdome.com/lad/ Frame 1559 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Requested by
Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1376
Date
Mon, 01 Nov 2021 01:48:40 GMT
lounge.0646e37a1d5797cdbecb18f0498b116a.css
c.disquscdn.com/next/embed/styles/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
371879
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
25963
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 27 Oct 2021 17:58:29 GMT
server
nginx
etag
"61799345-656b"
content-type
text/css; charset=utf-8
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
expires
Thu, 27 Oct 2022 18:30:40 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
o9Dl9wIHPOudWIIZTe_rq1PYoGhG9mLtJYhTsVAWxj1XOSvTj2mxaA==
x-cache-hits
0
common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 14:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558189
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94779
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 22 Oct 2021 00:26:02 GMT
server
nginx
etag
"6172051a-1723b"
content-type
application/javascript; charset=utf-8
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
expires
Tue, 25 Oct 2022 14:45:30 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
R4bwT7TiMQCR3AV6T4yYPk_QkvQdoPO79nya_smRQBrZfcsq03IuHg==
x-cache-hits
0
lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js
c.disquscdn.com/next/embed/ 		0
119 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
371879
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
120652
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 27 Oct 2021 17:58:28 GMT
server
nginx
etag
"61799344-1d74c"
content-type
application/javascript; charset=utf-8
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
expires
Thu, 27 Oct 2022 18:30:40 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
A2_UWBPduRsqU6Kryto3ibVQZ3ftsi9Y6sBB1k35P-J6nDWSAuxNQA==
x-cache-hits
0
config.js
disqus.com/next/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
22
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
13582
X-XSS-Protection
1; mode=block
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=94644638&t=pageview&_s=1&dl=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&ul=en-us&de=UTF-8&dt=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!%20-%20The%20True%20Defender%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=1998015990&gjid=2130066211&cid=2033616666.1635731319&tid=UA-186892928-1&_gid=866574082.1635731319&_r=1&gtm=2ouar0&did=dNDMyYj&z=1445656576
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-player-webp.css
www.youtube.com/s/player/9216d1f7/ Frame EFFB 		334 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4031dea4a8a48b0efd5836f07da70d2f72a3fcd76d50f2d411b3ccec4e980b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
378015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46958
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:48:24 GMT
www-embed-player.js
www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/ Frame EFFB 		208 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
831b502b7f9c15c2cd3ee726d68d5e1b0a7637b2fd1c01f190af2cf43c56d902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 21:52:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
14187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69750
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 31 Oct 2022 21:52:12 GMT
base.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame EFFB 		2 MB
513 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c797355fdbc5008cb1c2db5648cd47acc0c8f6f92dfac3e6a8e903667761c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
378021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
525254
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:48:18 GMT
fetch-polyfill.js
www.youtube.com/s/player/9216d1f7/fetch-polyfill.vflset/ Frame EFFB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 14:27:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
127294
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 30 Oct 2022 14:27:05 GMT
css
fonts.googleapis.com/ Frame D00E 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 01:00:54 GMT
server
ESF
date
Mon, 01 Nov 2021 01:48:39 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Mon, 01 Nov 2021 01:48:39 GMT
widget-frame.css
tlgr.org/css/ Frame D00E 		67 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/css/widget-frame.css?46
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
4d99f2c1e6fde96e2c2308b915e4da16aee198a8d8f86b9350676830544b66fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:39 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
text/css
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Nov 2021 01:48:39 GMT
telegram-web.css
tlgr.org/css/ Frame D00E 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/css/telegram-web.css?19
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
2892a779cee25c3a681f6c8d4c779f0e8632741aec6485a87da48000d84b96c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:39 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
text/css
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Nov 2021 01:48:39 GMT
cxtwjeoNo_JAjwIiypKREpgUrBvMhVQ7LqMXe2ISm4BwIU-tZ_W3qfY5KZT3bvhAJdipCigJ_2uPy9LeivuZbwloaaDI8eTyWXydqn1P5kKWxL7yxB2tg_4gMGJxeA_ZQnLh2UX_1PPc1HyFxFzUBv_I0PlAung0YDe3gIhCXfDgbjqLzIn3v60-afkyVJmHGlaO_...
cdn4.telesco.pe/file/ Frame D00E 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/cxtwjeoNo_JAjwIiypKREpgUrBvMhVQ7LqMXe2ISm4BwIU-tZ_W3qfY5KZT3bvhAJdipCigJ_2uPy9LeivuZbwloaaDI8eTyWXydqn1P5kKWxL7yxB2tg_4gMGJxeA_ZQnLh2UX_1PPc1HyFxFzUBv_I0PlAung0YDe3gIhCXfDgbjqLzIn3v60-afkyVJmHGlaO_yuSP7RM7u9ofOpUJu7YSHYP37yE9Bs1f-J52t_mOxZb6jlXLw-k1z3lb8DrrgbsUMlzBNUX0BU7YiWM8AOgSxD5r1Q-ABJdw_DXm76aMH_NgecEhYDxJV6fjZFPEcUssGS9lzeMlwbcOvEPRg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d712796d188539ac294a0dd7a2d0b2770cbaca32d836863fd2565e6b39ae5f52
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
14470
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-14470, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
/
ssp.wp.pl/bidder/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
v2
i.connectad.io/api/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6a71764ddda0695d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
c
prebid.a-mo.net/a/ 		0
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
apacdex
useast.quantumdex.io/auction/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a71764bf99a177e-FRA
v1
prg.smartadserver.com/prebid/ 		888 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
a846027190475a9eb5b551fa377a0d60857db115d88ad60b3e0377fb00dac74a

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:38 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b16%3b72
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=53114475981
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
bc906ccf37ead40bd23d581b6baecced40627d81810e3cab81edd703d61b5518
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
65a435b6-7b27-407e-b027-4367eca66ced
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		139 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3dec177dc170f02a8d94a8c38f30f749ab24a1d16aa891cecd2ccf6c4a120635
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
147d0127-0d54-4fdd-a72d-826201fad393
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
ssp.wp.pl/bidder/ 		0
18 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
c
prebid.a-mo.net/a/ 		0
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
adjson
ads.betweendigital.com/ 		2 B
915 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bid-request
rtb.adpone.com/ 		768 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=121725125956429&gdpr_applies=false&consentString=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce64d173726d9f24dd1d5569d96f069efec0a8a10c1343e8e80626cf185e5f1

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lm%2BlS5orkiyI8IpueQrVMQvPsYmCdoc3fP%2F17dh34nWU%2FPYJmk9lY2xSMwayRFFPEXjkBBA2r3IN2BO9a82eWXSm4EKoT6SEztMDhGG45cluVaOiyc%2Fvs8PoeFoE4OLWa%2FT956iShlW9zYIs"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a71764c695159bf-MXP
apacdex
useast.quantumdex.io/auction/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a71764c09a2177e-FRA
prebid
ib.adnxs.com/ut/v3/ 		139 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4023d3dc503fbc6a9ccc0d0e06ea42c8cdef5f2ed2415b2c498d40894410719c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e425960d-49fb-45a7-bd16-06f49b8b6e21
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
953166db4f8341fa3778411c56de31cb9b8378d78100fb536b485db9882d20fe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
dcf360d1-97d7-40bf-b5d7-0430922fb04a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		804 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
aa4e9fcb86e5a604183b1a6d1590eff2fe041424a5d125cb8aad57b22f042fdf

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:38 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b23%3b89
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v2
i.connectad.io/api/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6a71764ddda1695d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=48436471361
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:38 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EFFB 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 04:18:33 GMT
x-content-type-options
nosniff
age
250206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 29 Oct 2022 04:18:33 GMT
jquery.min.js
tlgr.org/js/ Frame D00E 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/js/jquery.min.js
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:40 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Nov 2021 01:48:39 GMT
jquery-ui.min.js
tlgr.org/js/ Frame D00E 		96 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/js/jquery-ui.min.js
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:40 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Nov 2021 01:48:40 GMT
tgsticker.js
tlgr.org/js/ Frame D00E 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/js/tgsticker.js?24
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
7af53d7077c16f6ad9efd63a975749c4835ce6e495c337fa4176f15ed385f80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:40 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Nov 2021 01:48:40 GMT
widget-frame.js
tlgr.org/js/ Frame D00E 		82 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/js/widget-frame.js?51
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
09255fc220032ea7ecb474d0b0b6daffccade6134caae15332892691465788f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:40 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Nov 2021 01:48:40 GMT
telegram-web.js
tlgr.org/js/ Frame D00E 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tlgr.org/js/telegram-web.js?10
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
0f661b180cb5ec06a2458d8be5c013a37abe06a0d446945709010132ca813d15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:40 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 05 Nov 2021 01:48:40 GMT
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1186902
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txc3a8552075a2425d94848-00616d2a21
x-amz-id-2
txc3a8552075a2425d94848-00616d2a21
last-modified
Mon, 18 Oct 2021 08:01:50 GMT
server
cloudflare
etag
W/"cae476c264f28e37aca638d685ba55b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNzRXkN3gG8tWwujOwYMQG7JIwgZKeR1yN9jocJ%2BlOPHcXuSPE5yd%2BBnl4Uu7qbaZGpaM46pDxCsBAwzOqhdRBXAJbF2dmUdYtItWh5TeVIHRP4W1%2FaWgYmuia7CmCxbQHXZ7EPJEOftCbgW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1634544110326910
cf-ray
6a71764c8b205995-MXP
access-control-allow-headers
Authorization
poweredby.png
assetscdn.pushengage.com/site_assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assetscdn.pushengage.com/site_assets/img/poweredby.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.125 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-125.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fc433d29c75ad01a8b659920e90e0e9cec6a29f64554b294f0b711531e95be0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:14:51 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified
Fri, 25 Sep 2020 09:48:13 GMT
server
AmazonS3
age
70429
etag
"02aec77a0221b1cf0bee11ff572c74e3"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1025
x-amz-cf-id
DKr_-X5Ayz-SArviwPuM4D7wHrMtySt2GTB2pfpfSmXMx1Pjb_ZUtw==
/
disqus.com/embed/comments/ Frame F7B8 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e518e01ed18cb69a308745f4e6efd686e430d64957ca4d3fb686eb699889d18
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Connection
keep-alive
Content-Length
2937
Server
nginx
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Type
text/html; charset=utf-8
Last-Modified
Sun, 31 Oct 2021 12:11:26 GMT
ETag
W/"lounge:view:8854712562.2ae2a4f78a8598b9533bf635974636bf.2"
Referrer-Policy
no-referrer-when-downgrade
Content-Encoding
gzip
Date
Mon, 01 Nov 2021 01:48:39 GMT
Age
0
Vary
Accept-Encoding
Cross-Origin-Resource-Policy
cross-origin
Strict-Transport-Security
max-age=300; includeSubdomains
lounge.load.476c68be0ef9b136177aa11ed8dc9365.js
c.disquscdn.com/next/embed/ Frame F7B8 		958 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.476c68be0ef9b136177aa11ed8dc9365.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6db623175e53f8a8fbe0dd0b9ef38213bfffab51835c940b2ff705514b3bee9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
371879
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
497
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 27 Oct 2021 17:58:28 GMT
server
nginx
etag
"61799344-1f1"
content-type
application/javascript; charset=utf-8
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
expires
Thu, 27 Oct 2022 18:30:40 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
bU0X0_o2wDtNKz-71iByUQYkpT_ttkJABzIkspOeOlYQPRaEDOHH2Q==
x-cache-hits
0
common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ Frame F7B8 		282 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.476c68be0ef9b136177aa11ed8dc9365.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 14:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558189
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94779
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Fri, 22 Oct 2021 00:26:02 GMT
server
nginx
etag
"6172051a-1723b"
content-type
application/javascript; charset=utf-8
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
expires
Tue, 25 Oct 2022 14:45:30 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
Jg2MqsNvyD4GeoLKqtud1U2IpCL9ws6hxWzZKBMDMslmT6EKhLYvPg==
x-cache-hits
0
lounge.0646e37a1d5797cdbecb18f0498b116a.css
c.disquscdn.com/next/embed/styles/ Frame F7B8 		163 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2592b4e46e8af0af3a6d226a426ab1eeff99edd04bc7d064317f0c01717df7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
371879
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
25963
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 27 Oct 2021 17:58:29 GMT
server
nginx
etag
"61799345-656b"
content-type
text/css; charset=utf-8
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
expires
Thu, 27 Oct 2022 18:30:40 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
-eGD9n7jyQHTPGmkt6ic6uTjSpFbyf8qIei0_kEkgFhQ-AImAUUB5g==
x-cache-hits
0
lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js
c.disquscdn.com/next/embed/ Frame F7B8 		468 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e856293f0bfd6bee2a808701afc266d9b70995c66fed88a78583a304c1a67a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 18:30:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
371879
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
120652
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 27 Oct 2021 17:58:28 GMT
server
nginx
etag
"61799344-1d74c"
content-type
application/javascript; charset=utf-8
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
expires
Thu, 27 Oct 2022 18:30:40 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
QsRQCSDouqBaxq25mrkq3PeRHVMTPg8Disrr2rn6wN9SZByUPM1oDA==
x-cache-hits
0
config.js
disqus.com/next/ Frame F7B8 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bf7cf40cac4303c84fe1f2023fd8905b9b6e91fc6d37d1b50d12acd3e418ad5d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
23
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
13582
X-XSS-Protection
1; mode=block
dc.js
stats.g.doubleclick.net/ Frame 638B 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
239
date
Mon, 01 Nov 2021 01:44:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 01 Nov 2021 03:44:41 GMT
details
disqus.com/api/3.0/forums/ Frame F7B8 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=thetruedefender-com&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2414cfaa22a8bfa4294324bc0e1e9e9fb193a6f310149502eebf0151c81d1c5c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3392
X-XSS-Protection
1; mode=block
dc.js
stats.g.doubleclick.net/ Frame ACC2 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
239
date
Mon, 01 Nov 2021 01:44:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 01 Nov 2021 03:44:41 GMT
v2
i.connectad.io/api/ 		0
38 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6a71764e9e97695d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
prebid-request
onetag-sys.com/ 		15 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thetruedefender.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid-request
rtb.adpone.com/ 		768 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=1217251311622&gdpr_applies=false&consentString=undefined
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7832129e5e666d4cc05e2dfe7257602b2e092d3a173e494e44a2485fb283594d

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aSUJdGn37GSPeKynuBPcMUL8ZmNcAZAeqsnYKsH4LhcbF8xkzpumTXMK1Dn21J85Cc7omTY%2B7rBrGzVJv2a%2B8KbG%2F7GoPJobEKBdF3SrXYidplav%2BqFQJW67oszTKUMVBzu15iWLcDqqdoa"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a71764eaaf159bf-MXP
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:40 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
adjson
ads.betweendigital.com/ 		2 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
c
prebid.a-mo.net/a/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
apacdex
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
cf-ray
6a71764e9b63177e-FRA
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
14c5e032b8f50fa35a4b25feb81d6e23db74721bbb42d83471aabe2e134a8004
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5e9e8b34-910e-4f53-8245-1dd7ecb9d4a3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
server
nginx
access-control-allow-methods
POST, GET
access-control-allow-origin
https://thetruedefender.com
access-control-allow-credentials
true
accept-ch-lifetime
604800
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
prebid
ib.adnxs.com/ut/v3/ 		140 B
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
37af7bfb8b71df5cb9f912d0980965340e171692a48ba40928f58c593d5c7e11
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3c8dcd02-52bf-472a-8b5b-cfd341fa6130
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thetruedefender.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e7dba4ee9a220e14aabe7ad5cbc5333313e1aea2f07091673f0e42dc405858aa

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:39 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
6%3b11%3b112
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=42494008304
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thetruedefender.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thetruedefender.com
date
Mon, 01 Nov 2021 01:48:39 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
event.js
referrer.disqus.com/juggler/ Frame F7B8 		40 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://referrer.disqus.com/juggler/event.js?experiment=default&variant=control&page_referrer=https%3A%2F%2Fthetruedefender.com%2F&product=embed&thread=8854712562&thread_id=8854712562&forum=thetruedefender-com&forum_id=7253923&zone=thread&verb=load&object_type=section&object_id=email_subscriptions&section=email_subscriptions&extra_data=%7B%22user_verified%22%3Afalse%2C%22email_subscription_prompt%22%3A%7B%22title%22%3A%22Like+this+article%3F%22%2C%22description_copy%22%3A%22Subscribe+to+thetruedefender.com+to+receive+daily+updates+of+the+latest+articles+delivered+straight+to+your+inbox.%22%2C%22confirmation_copy%22%3A%22Thanks+for+subscribing+to+email+updates+from+thetruedefender.com!+If+you%27d+like+to+unsubscribe%2C+there+will+be+a+link+in+emails+you+receive+from+thetruedefender.com.%22%7D%7D&event=activity&imp=59c169jfe9dan&area=n%2Fa
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Content-Type-Options
nosniff
Server
nginx
Connection
keep-alive
X-XSS-Protection
1; mode=block
transfer-encoding
chunked
Content-Type
application/javascript
noavatar92.png
a.disquscdn.com/1635434082/images/ Frame F7B8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1635434082/images/noavatar92.png
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Feb 2021 20:50:09 GMT
server
nginx
age
280710
etag
"60395f01-66c"
strict-transport-security
max-age=300; includeSubdomains
content-type
image/png
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P4
content-length
1644
x-amz-cf-id
JAimdhUnYjnVVcT6V9h727eM_4Yy66fsDFaFXAg7oGjBck5C68qElg==
expires
Sat, 27 Nov 2021 19:50:10 GMT
truncated
/ Frame F7B8 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame F7B8 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 14:37:41 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
16110659
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 14:37:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Im6TZS65dxSQUwkb6oh02wM_6Ri8W4jQJgwFlvo0RQK8MX698GUP4Q==
x-cache-hits
0
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame F7B8 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 15:42:24 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2455576
x-cache
Hit from cloudfront
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 28 Sep 2021 21:56:15 GMT
server
nginx
etag
"61538f7f-b9b"
content-type
image/gif
access-control-allow-origin
*
expires
Mon, 03 Oct 2022 15:42:24 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
4a8i4fitZr0Dk_KRpN40N3T_n5apwGRp5HxqEHewwAjt4poRRvjMNA==
x-cache-hits
0
sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame F7B8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:47:48 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3391252
x-cache
Hit from cloudfront
content-length
1763
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 22 Sep 2021 19:30:27 GMT
server
nginx
etag
"614b8453-6e3"
content-type
image/png
access-control-allow-origin
*
expires
Thu, 22 Sep 2022 19:47:48 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
h2ghX6_eYwioPgNdShwAtVyO98IKl6tUFwMc4mdiQmTa736nFAc7Zg==
x-cache-hits
0
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame F7B8 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 09:58:18 GMT
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
5241022
x-cache
Hit from cloudfront
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 24 Aug 2021 21:06:44 GMT
server
nginx
etag
"61255f64-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
expires
Thu, 01 Sep 2022 09:58:18 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
_5HVOWSsl1WgwUx_5d8Yer0FK7c14thoCEIqEf8qGoDlNK-Zno-yqg==
x-cache-hits
0
QHo1n4QzKgzkWic4j7DCycgf-Eg1rNTfcRxhISYQZmXDRiEDlaTqHMZbeFsN2xTD_qichSw9JSf9Riz_FSnE5HmkQlJroD4slqWLPiXR5z-A0HlhWmbo6pnxqihSs3A9Y3iuNpoJMiWxqeb_IHT683HfrWm4hlqEMkzWuUDkS96ITExNEm_Mj9Y-ApVxO0cPAPFSL...
cdn4.telesco.pe/file/ Frame D00E 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/QHo1n4QzKgzkWic4j7DCycgf-Eg1rNTfcRxhISYQZmXDRiEDlaTqHMZbeFsN2xTD_qichSw9JSf9Riz_FSnE5HmkQlJroD4slqWLPiXR5z-A0HlhWmbo6pnxqihSs3A9Y3iuNpoJMiWxqeb_IHT683HfrWm4hlqEMkzWuUDkS96ITExNEm_Mj9Y-ApVxO0cPAPFSLYhL6EqoOWakye8s3p4tGZ8Dl2H1N8B7h5gNH6WgK9Rbz4AOnsJecXSyJ_qcGuQAck3yIfIux4RUuMbLbp4_3FsbogwzJq8q9eOzP3PD3rVfooRpTnCvBOUiOFYYZ3xgnsY_4E6f12vc_7fEKw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b03a87f179ef9c572383188c376c2aba16eef1c429f91cffb5e670f77b55a995
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
30278
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-30278, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
truncated
/ Frame D00E 		683 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
uG-GUpEoJzb2Vg4lInhdU7X-bj315eQCiea3Hgin-PXFqkYYGrUu7_KYKyzAUye6GY0Nofr4vJmEp2lhYHTEskdKYidlWxBAzMBqtdUEj-Fth-8-ZUcTCWwSWRWU6M4TsodXR7NOm0TvkHC5M4y5NbI2jqcGdMMJcQgrkV-2Fz5acPRoHvnupHTyfBBjCp8ZhpJdA...
cdn4.telesco.pe/file/ Frame D00E 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/uG-GUpEoJzb2Vg4lInhdU7X-bj315eQCiea3Hgin-PXFqkYYGrUu7_KYKyzAUye6GY0Nofr4vJmEp2lhYHTEskdKYidlWxBAzMBqtdUEj-Fth-8-ZUcTCWwSWRWU6M4TsodXR7NOm0TvkHC5M4y5NbI2jqcGdMMJcQgrkV-2Fz5acPRoHvnupHTyfBBjCp8ZhpJdA-NVRSw7p8j7tl0VmWdn9PKG9linf6K7MnpB-D7QnfjHVUXH209GQlnidCcG1gy_GMh6cV4hj1d_eSQQAEP5X0XtJS-dKuMa9JNaA5FuCBf24k652sKOONvfZnpH9_qqM3s6aaxJQR_yxylPDA.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
82ff4455c684dc06d7c2a3531129f7900085f0260c188d67215dc7b9b9d61b5d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
28278
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-28278, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
fvltsqjdMoqRfDyoUNgrt0tLDoaGJejcFTCIuW3pd76zvXjelQuiPzoKQSBJ23Zu1inmEVA7jes-xL29zHiBZ0GkxOzpDbJc_QI6nTNdDiGCyyoqnluQbMfJ19Z_5sOrwE5fcQrOHoRkUQrBc1-Wibm_F5-6o3W7h4CLn6lxSrl3myLiZe5druBgMCOfKmB8vLqSK...
cdn4.telesco.pe/file/ Frame D00E 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/fvltsqjdMoqRfDyoUNgrt0tLDoaGJejcFTCIuW3pd76zvXjelQuiPzoKQSBJ23Zu1inmEVA7jes-xL29zHiBZ0GkxOzpDbJc_QI6nTNdDiGCyyoqnluQbMfJ19Z_5sOrwE5fcQrOHoRkUQrBc1-Wibm_F5-6o3W7h4CLn6lxSrl3myLiZe5druBgMCOfKmB8vLqSKVEcxJKhlr2Mx2BWbk-ea-YBBEckMrZ-KD8tUeLRkoqhhRYeewIKw0ThBYpnRcwQCdyTn7dYI_nHPn6PzjBUC9qfFvhbL_pks-hFn_VTSiXguijxwG3WgWUtLAxIJ6DimNxH8lsnIA1o6ulSlQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e9020c4c53ca9b85fff4e05ef42fbc1d0004cf8c2eb78fc98b0c8b7dc1d1bf79
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
65273
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-65273, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
SDZHVgWxZZ1ub3gL9l1vxeOrUwvULH2Qc6XxM_Sdqud6qkRJwCD1tSti7agJNHXugOxGBRtGV2J56VJD011QrZpcIC9Z3DQEr71Mh1VkcsXqZUBfjF6VZz81QlDd1DhsxVsG8l5h7uKj7fxTC6a1y-1OkdpcT9bEhGV_faHwKg1UnkMinV-YZlIp1B0nI1yG9KAzt...
cdn4.telesco.pe/file/ Frame D00E 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/SDZHVgWxZZ1ub3gL9l1vxeOrUwvULH2Qc6XxM_Sdqud6qkRJwCD1tSti7agJNHXugOxGBRtGV2J56VJD011QrZpcIC9Z3DQEr71Mh1VkcsXqZUBfjF6VZz81QlDd1DhsxVsG8l5h7uKj7fxTC6a1y-1OkdpcT9bEhGV_faHwKg1UnkMinV-YZlIp1B0nI1yG9KAztuyhH7isHjJZZA4IDq_KKdMYaHvnB7q3abluJkeUcr7aG0Cj9fFNd9OXwLZD7jX8Ks2vc-Hzy4x3uWOXL2GH3l6PL0_WsyzKEsqn7rQ0Q07DvhEB-hdwLzLDnwpL3MQtPGTBQhX2L_OYgHqhbA.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2b5304ba90a1201b1aa51bcfe259eba101eeda9c3ef0be5ef6197f1874706091
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
48358
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-48358, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
p3T7tdwbPjsmlXK9vakMSEozAUMDHnZg-nfVwZ9ECr4Hli05MHV373L-Gcf2_46NBLuQyjC2zMiL0N4qTUf6wnbgubVPsWK_iYqus_wstW95tsoV-tf9Bu_NN-8xPleEia-B_BrP4mf-OlG2Z-jWtqIWV44zs-RoL_OSb2Dub1ojVeXSwO_0QC3NWztemzEteNCyt...
cdn4.telesco.pe/file/ Frame D00E 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/p3T7tdwbPjsmlXK9vakMSEozAUMDHnZg-nfVwZ9ECr4Hli05MHV373L-Gcf2_46NBLuQyjC2zMiL0N4qTUf6wnbgubVPsWK_iYqus_wstW95tsoV-tf9Bu_NN-8xPleEia-B_BrP4mf-OlG2Z-jWtqIWV44zs-RoL_OSb2Dub1ojVeXSwO_0QC3NWztemzEteNCytUk_1eZj0IDn6lhDueDl39peLVrVHUwP5EFhbe_pBKYymg_AwJIND1-a1QPD_BMGRdu68InJ-P3i7TJL_1dbdWm69PqzpmkhQ8RtAoRSfhaydopdL6JwiW-Z-Cun0e2SY204lbdftkMMiPtBfg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
82e95b02cef8ad794453e841a77c55f92f6c289d44bc3f0ff50b7a3db32c9f04
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
62205
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-62205, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
GFjXOob6leAuUr1UlFimv83BnDXw9LWNSQMPuiiqwWYSJ5l_pyGRR-JefQ0T44tN-aAkzZtIDhBUI0XczALIli1RPjQlUCUMEBun6-OftVX4-RFBlXps3vY2VzO5XVtMNKhQAb1UakD7XcwQcc_BVxYYi6xpaeNpdOTzdYhPSxRuNwXKr_HgRO7rNGdzcLQJ0aer8...
cdn4.telesco.pe/file/ Frame D00E 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/GFjXOob6leAuUr1UlFimv83BnDXw9LWNSQMPuiiqwWYSJ5l_pyGRR-JefQ0T44tN-aAkzZtIDhBUI0XczALIli1RPjQlUCUMEBun6-OftVX4-RFBlXps3vY2VzO5XVtMNKhQAb1UakD7XcwQcc_BVxYYi6xpaeNpdOTzdYhPSxRuNwXKr_HgRO7rNGdzcLQJ0aer83D_zPwVM6bpFdHJ20PE11jC-q8DW_SSha3SzfwbXnsyhEEmxN9WwTdHa6cBjN6qhXY7pFCb1kfeL7yAnStknAOJF2G_IaCwNFX_HvqC-D1E9BV2K9E4OIlHMAC2lXIBN-XhIGy0xFDL7iwzqg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
7383b553b9c0cf9a720710cc29af301b3e66b69de9d4fbcba8fa3769c5b39253
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
41376
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-41376, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
Suwe-6gXij-xV4iWveUEMf-PuXckI4HIm0otwkdsS5PB26CDa7Lsp9it9B10H3-2z8No-p72aFgcny3HBuCQjDN0f5YnvXBRO6VKH8r2qawausEJthw7YNv1g0ouSKuXL8Zn1uh3DvAlo-0ca2BPkQISFtzlo0dsv_wSpzJ33B2P-eC4gyZ7qDdyvN0vBgM7S77jM...
cdn4.telesco.pe/file/ Frame D00E 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/Suwe-6gXij-xV4iWveUEMf-PuXckI4HIm0otwkdsS5PB26CDa7Lsp9it9B10H3-2z8No-p72aFgcny3HBuCQjDN0f5YnvXBRO6VKH8r2qawausEJthw7YNv1g0ouSKuXL8Zn1uh3DvAlo-0ca2BPkQISFtzlo0dsv_wSpzJ33B2P-eC4gyZ7qDdyvN0vBgM7S77jM4yvWrffqQSiMbjXVNmc1C33Ll9dL1VGHpQzUX1E8lk3te81hhsitAo8AtJTLd2T4tky8-3rE2B1XSa4LzeChAoFckow1ICpL4EjDVfhZKD69yT2ASf23XveDZaEJsi47kSb0EFzf92543dqaA.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1fabd9cf5a7cb762fe2d495c5bffeff52affc2b4c4f45d6ad51d82fe64da03d5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
37819
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-37819, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
j-8WDbBpgJdeADJC1ZLbZz6hbWY5sJ6JXJDiP8bDreXIa3n121e8qIdSc8J8Ft2VNsCMjtahtaJ4b_2VIIhWw5a8X9VvJZ15QrHwOM2x-XyvrVQbZs_6ziaObJuwCpnKF2FJSNxdTSssDpx2mY3I7HqZbCmRYGi-nYRSVhWCoJh7Y1S91TK55eP0kt9a8gEEV3WAr...
cdn4.telesco.pe/file/ Frame D00E 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/j-8WDbBpgJdeADJC1ZLbZz6hbWY5sJ6JXJDiP8bDreXIa3n121e8qIdSc8J8Ft2VNsCMjtahtaJ4b_2VIIhWw5a8X9VvJZ15QrHwOM2x-XyvrVQbZs_6ziaObJuwCpnKF2FJSNxdTSssDpx2mY3I7HqZbCmRYGi-nYRSVhWCoJh7Y1S91TK55eP0kt9a8gEEV3WArQjmVuu8qdVUoi0T2EDX6J5bp_-yQ1_n0g_EfEQYkHSlyP9GCV8ovzv4ujYkupsLlzOQI6-7ozKkCstDEGCN0mccOrZBnuULnhzWQjIGOcNLeFDYLHJieDsfa-VffcoQkisY1ZONjC_SWTjlbQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d2b435a3903298990f107305f0c581fb1b2f24a6c9f2b152c50d08af5b013912
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
55675
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-55675, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
BmoomJC3r_4Rk69WPZQrGuC8jNPuXanHgoHRnKWLEBaRfWGifl9M1dUQTsvgiU26Je4B2eExNOP4PNHtpDg7NV1CZyQjCdVjkkmt26MuR9emYRL__hs2VXosPofWFdNfXl7qyJ5lezA9H5C-xuzjgiOkdPncFFKKzHxJkY4Lv3lWsoVaUQ8OJ9yH5STxgd4Xs_1GZ...
cdn4.telesco.pe/file/ Frame D00E 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/BmoomJC3r_4Rk69WPZQrGuC8jNPuXanHgoHRnKWLEBaRfWGifl9M1dUQTsvgiU26Je4B2eExNOP4PNHtpDg7NV1CZyQjCdVjkkmt26MuR9emYRL__hs2VXosPofWFdNfXl7qyJ5lezA9H5C-xuzjgiOkdPncFFKKzHxJkY4Lv3lWsoVaUQ8OJ9yH5STxgd4Xs_1GZfjkTmF_r8zmCn8bnSqIZKWvpwiofm79mbh5AK1uAvKsJt6uMq5ZRrrfz_9LkjuwL28fCr7NbUdQt7-2nvj2VmFrRGdevgmhOWNNeKQkyN7u1uQPqasEIEorwItbryuhEil-83TN7KKfF-VCqw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6a78a0de507129528831483053094ff43ffc594aa43da6c79cf3f06c134520d2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
60993
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-60993, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
hzK8CzyzuwrCYtI3SyyfFk86NvdNavoRbv-Y8qkyqanh-HZmWq0WVRdwAzsxBI0UmmhJieytqm3dRg4scRw1UcioT420oJvDLTgPbc14Y5E5bWHLWVXBrGTCsawIjqiiF-14BTfWsI6Umz3sld04TWkwX0btjCHzQNYqrytgw2IpVcSFkd1Ft9XoLP1cp6GQVI0YQ...
cdn4.telesco.pe/file/ Frame D00E 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/hzK8CzyzuwrCYtI3SyyfFk86NvdNavoRbv-Y8qkyqanh-HZmWq0WVRdwAzsxBI0UmmhJieytqm3dRg4scRw1UcioT420oJvDLTgPbc14Y5E5bWHLWVXBrGTCsawIjqiiF-14BTfWsI6Umz3sld04TWkwX0btjCHzQNYqrytgw2IpVcSFkd1Ft9XoLP1cp6GQVI0YQHpPpT4M6J7-mFXL9da-PnGLxGnP3zmw8qzwfeXJ-XFOqnxS3cSPiDpLq9o0twtPNNmPO6P8uyF9z5GS0nxiQNYaz5mqCobLErYji9NsbOO4RgSZGp-XJSLgVL4WhqRLI9ZaBK_80wvPFWvMYg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d417d2cfe4b97e101cd920fa2fbe54b69664c398ea013e8f1ce20428eb0449cc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
111505
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-111505, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
V5Q-o5qaekEnBfytMnrHNPzdgwHs5zgBRh_kLSskYaicwM0xy_Zzz4AyB3bGM2rumeKApXBWchXrO_1T9pJfezDtf8EpXk8zueBDSYm2Zj3BLL6NCl2YAAnhvRugIkq8KM5PV59lhG3jBVVBxA_k4sFflVeyxnjQXtPA8nvHv7fLPuM_lP42CMalrfWu-NgKJj3eA...
cdn4.telesco.pe/file/ Frame D00E 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/V5Q-o5qaekEnBfytMnrHNPzdgwHs5zgBRh_kLSskYaicwM0xy_Zzz4AyB3bGM2rumeKApXBWchXrO_1T9pJfezDtf8EpXk8zueBDSYm2Zj3BLL6NCl2YAAnhvRugIkq8KM5PV59lhG3jBVVBxA_k4sFflVeyxnjQXtPA8nvHv7fLPuM_lP42CMalrfWu-NgKJj3eAj813sLNYwUEDGcjBQVKIO2y300e6IBCrxbIqUiH9GOCrGf2vYWd0xMV9i_ejXmkFtoYwh-SZLzGwPfAZUfdUh_aUIHXGrsjeYFf39zcaPyyevk8aBpaEl1F53Gs99k6PT_HsNd-oOt9Js-xYA.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
02613859f88dc6d2b048d508315456d884816dfccf7647ec58ab10774eb71d24
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
59683
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-59683, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
H0_R2qmDNk4TysV0Y7lflYlvwPCzFbLWyB2_rc66PpZlTgAazCMNavcaaiQgRpb9nXlWx-XdaAEiRopPxza3SYQe0Y-pvoyXe4Ny71nl3agAhyz5T2GRv7E-QO_jbaX19kknEC3l8-LhVbkyAJ2Z5aNdfbyeiIVnk2hp6o_oPgCw7kGU3xfJRnat3qXwy2vpBDKer...
cdn4.telesco.pe/file/ Frame D00E 		141 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/H0_R2qmDNk4TysV0Y7lflYlvwPCzFbLWyB2_rc66PpZlTgAazCMNavcaaiQgRpb9nXlWx-XdaAEiRopPxza3SYQe0Y-pvoyXe4Ny71nl3agAhyz5T2GRv7E-QO_jbaX19kknEC3l8-LhVbkyAJ2Z5aNdfbyeiIVnk2hp6o_oPgCw7kGU3xfJRnat3qXwy2vpBDKerhG36BirWxPmcGSb-q7wzMqLvAEXwA8yc_XkjrugrzVKRYMU_U-2gen-m4kJ4mhvaejhIKdzS_HA0xHAoHqjr3BCZb5-ZshQAmS-bkC8bjD8tmCoKXbCks_rfv8s6NNKk_cwAmZYye1T0BpX-A.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f78153738f18a6d1b3f7311bf1bc17a3970238802f5a3a07cfed3e95a1bcaa4c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
144342
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-144342, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
ISjPbg2Vw1vosqDovwq2FwIBoRd07bDw0w2CRYNUtHxv1vJ5UcoOt-AtKQIU5Tar0BEi8H7iH-mk1xoTQaD7gY5J3kSjMR-5U9FrTsyfI6GBK1CkH_8PDA6kM_p6AkHeS1McaimyXw03hrCt1KT6g_CZhVKFOUi0319o1F2APJBSMcpJ3hIN_wTfq86DkAQ1Vq30p...
cdn4.telesco.pe/file/ Frame D00E 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/ISjPbg2Vw1vosqDovwq2FwIBoRd07bDw0w2CRYNUtHxv1vJ5UcoOt-AtKQIU5Tar0BEi8H7iH-mk1xoTQaD7gY5J3kSjMR-5U9FrTsyfI6GBK1CkH_8PDA6kM_p6AkHeS1McaimyXw03hrCt1KT6g_CZhVKFOUi0319o1F2APJBSMcpJ3hIN_wTfq86DkAQ1Vq30ptzdr1XzaObaXFxni9VBGiAs4ar9WH1zw3IpnAyyX6k4J3zzkVwzKKfpZQV6wwkHvkmZhnwr-UOwSAJAmRi8QgUYsh1pmKNYhf1MnP5WAnhRzFmbaz-vvcvjC5KesxS0g3PmRdaJrhMOdBtAHw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f3a7f51da6149b03e0bf9d19c2299740475661a044954fc56fdcc9244d8c4d6d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
36241
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-36241, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
p_m8hB5iKOqiMIUFwNt8I_HX9eFKcBh7os2_-z0Ua8wsDnHUZmbN3TCrtSMtVp4q7V3vBKUKZoYrcFCFemGjc5LSE2paieDBDpWWjOyjKoYBGnKUboygJuKwqgEzjAp-stcibJSkFcfHKidITIz-7-7sjKfClOt8HDICTJ_mLd22ieSvL8vyfAIVkMSidXva1trDq...
cdn4.telesco.pe/file/ Frame D00E 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/p_m8hB5iKOqiMIUFwNt8I_HX9eFKcBh7os2_-z0Ua8wsDnHUZmbN3TCrtSMtVp4q7V3vBKUKZoYrcFCFemGjc5LSE2paieDBDpWWjOyjKoYBGnKUboygJuKwqgEzjAp-stcibJSkFcfHKidITIz-7-7sjKfClOt8HDICTJ_mLd22ieSvL8vyfAIVkMSidXva1trDqzg95De0BjSPitGrFu9T6vQHKnBBILrdz47W5Tl9ibNZLicYgZSdZlZaP8CTSEgbfJs6c3Urmrx2F9_yYrMFvPZL9aVdedyPQMQgMZoZo7zLeZv7Itsu4L2ghCEYPFTRpdPSYHH9kaJP74zN3A.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d12fa4b5546986e4184d7f9872c134261ebbeb00fff580e38c3fe21d5769c6a0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
46680
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-46680, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
PZdjH6NcRjO9z1T4hwNVOm2wAQbsv_c-KHhZrIsBM8YC9a-hpcXFjNMeR0gYjAnP1ncyXAJBT151b0yw5T7oMSNy8hDlPdMGRfaZdzK1JVxbPA641h9WCkJxZGhd4bJ4ooTOpyBaThfsSA-FzLzgs3-tcHAqtO1cU-H-_yuWwZDo1yDE76OHIKKuvhJ48Q3GdGUn4...
cdn4.telesco.pe/file/ Frame D00E 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/PZdjH6NcRjO9z1T4hwNVOm2wAQbsv_c-KHhZrIsBM8YC9a-hpcXFjNMeR0gYjAnP1ncyXAJBT151b0yw5T7oMSNy8hDlPdMGRfaZdzK1JVxbPA641h9WCkJxZGhd4bJ4ooTOpyBaThfsSA-FzLzgs3-tcHAqtO1cU-H-_yuWwZDo1yDE76OHIKKuvhJ48Q3GdGUn46XUQGVSLu6aZXAs4e8vkoX8RTKQ-Yl7wE0nfXxBHoiZ5sfhpdmfhOwnryVIbEZlOr6UEjHaigVHaRz9hlCu49eHlaD5zTn4Jy3EQRUYjjmIoU-BH8gXhIJ6RA6kGjQmRv8og9k5YT4YZiQK-A.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d436a11fef6a32350946d3e8979a698e63213a0449bdccc01fac1be1a814ef7f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
34334
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-34334, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
OUqjDTj7c8et7dkUBLiM9BY5YgxcCX4uDYlFT0RBXuPMUc1SGad1GE5pOrJGO2JCTKdj8sic6JFaqSZTubBmkIw8Rxc7asMm9YnBlyOdPS_NDPsUXQw8LkVuDIXY5rEo7DgRhX_ffR9uuM7lXI0IXL7kQPg_lsiX_XbAt_liJFWsR49M_xGvCKAx-Jmmu_D8nXQ6b...
cdn4.telesco.pe/file/ Frame D00E 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/OUqjDTj7c8et7dkUBLiM9BY5YgxcCX4uDYlFT0RBXuPMUc1SGad1GE5pOrJGO2JCTKdj8sic6JFaqSZTubBmkIw8Rxc7asMm9YnBlyOdPS_NDPsUXQw8LkVuDIXY5rEo7DgRhX_ffR9uuM7lXI0IXL7kQPg_lsiX_XbAt_liJFWsR49M_xGvCKAx-Jmmu_D8nXQ6brMENL9SNwJIR9XUNBtmlOW8HNnZAaPTngLEmicLxLbGy24gp-AX5r5N8n-QKeblAUh6TYXBOoAulw6SDJPPD0OMn7rM5wfa_JXAI3auEwixYhnAqCGonzX-C-VtPUmnOzt45cNSmSZyIi35Sw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c6811ace8dcadada9d9969a950eaaeda6ebc9fdd3e3a045392bf2705579c6aaa
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
25587
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-25587, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
LUPMA02EfbFXYJ7UYnt8A4SNJqe-9V3l2TZ4Hjpw1t6PH2oeOtu0manVnMHKNsLvKcSAMrZ1bIwwxkUuNJhoJqIL6r5ELrKDR-x67bGmQokmSopXrcTiNAD2A5QvjAtEEuvxhO-U4a1AxkylJOXRva2OY0PCCQHP6xucsRgZy6ExeeXfDV9KrrKC3WR2D9QJgQ8lw...
cdn4.telesco.pe/file/ Frame D00E 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/LUPMA02EfbFXYJ7UYnt8A4SNJqe-9V3l2TZ4Hjpw1t6PH2oeOtu0manVnMHKNsLvKcSAMrZ1bIwwxkUuNJhoJqIL6r5ELrKDR-x67bGmQokmSopXrcTiNAD2A5QvjAtEEuvxhO-U4a1AxkylJOXRva2OY0PCCQHP6xucsRgZy6ExeeXfDV9KrrKC3WR2D9QJgQ8lwVuYWYFRwITmw2eFOIMb4SAdC-cF7pjzRKqzD7wubHo90GFAPl8iIeifra7jv4EppSQjaH6E_12G2VVHqOe6v_1klmFDTdW8eFdvQ7VTI1r0acbJDg72fpZUtxMROzlhvM62urq0v5zHSxLIwQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
043fb8c51a80e4d940ea86a32433b58ded5528d4005b8d97479fcf38b3bd5f44
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
31070
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-31070, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
B0N4FoJsXI1ozw1-QcqrgE1KFuvpQIs7t2GJHhniKv8a8bMPdeVZ873BPzDp0Fn380jvNSdXZ8T2USiQ2ekmGcjGTFScL5h8xgfqmvY_VjXXCKz6RQoAy-F3m8shGU-OVE5-8LyFY6iaYxEzOyv9VID_cqQqX_OUS_YToBMfcoVRhm75Z-Z5gBGG7mgajkfJPmEf1...
cdn4.telesco.pe/file/ Frame D00E 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/B0N4FoJsXI1ozw1-QcqrgE1KFuvpQIs7t2GJHhniKv8a8bMPdeVZ873BPzDp0Fn380jvNSdXZ8T2USiQ2ekmGcjGTFScL5h8xgfqmvY_VjXXCKz6RQoAy-F3m8shGU-OVE5-8LyFY6iaYxEzOyv9VID_cqQqX_OUS_YToBMfcoVRhm75Z-Z5gBGG7mgajkfJPmEf1y9l-FC7APRnL8f1_zpSBET4UjdrtPN7reANrMtuZV6ZGqGePXSN7tjdkWMTPQ2jBWjH_IafNgCiucXFARpMrij_v8Vd1vls425HO_qmZKNky8eg1QUaIYZgwjNCewanEuyE4HPCXUf5_ZIWHw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
506fed9cf30ffd83f5c73e8a04a73a3486fea0c108bd1bc70d988614ae7fa092
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
34433
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-34433, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
Fxy4QhZjvkjOucaKJSWOjUOJ6rhVxiLm35CBotLXBVXaW1GAi_gIyjtV7DqIzzH0eW6hNpsTE92hCVTOE7FFTvKRwcNvZeT8Ru4wGUuBVN3WvCtWa0dpOUQTf7CcpY9nLhcfk4D2ci6Cv9rDULj4mwCxUp70onyEDEJHofVkeZUVeJT8mdlBVZ32WYytj70HBX_RC...
cdn4.telesco.pe/file/ Frame D00E 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/Fxy4QhZjvkjOucaKJSWOjUOJ6rhVxiLm35CBotLXBVXaW1GAi_gIyjtV7DqIzzH0eW6hNpsTE92hCVTOE7FFTvKRwcNvZeT8Ru4wGUuBVN3WvCtWa0dpOUQTf7CcpY9nLhcfk4D2ci6Cv9rDULj4mwCxUp70onyEDEJHofVkeZUVeJT8mdlBVZ32WYytj70HBX_RCiosNqZcZQDRl1zLZYYZRnJ42UJpR7ga_MS_FGS28ZtA_QutA4yaLigq3OBxgJsTJO_3JnQ4boS_RElIFAbTcO1-KFTqvdwpxqWEqQRsvgTKCLbFFRLjjOphodeD_SccgEnSadrW9VWJXP5qBQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
206265ae26336f7c89900f764c662ac1e8e33de7b87cb48d5091fd0e110b206d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
49507
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-49507, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
vRx5JFL2Ox0wuHwwyay7MD1YD7zI0oKDszRjpjJJtyfjwxLv3KB5pcUh0ODBXt3kWgEeX6hxvNXiJryCaXEWXrtISI2Z3cWmMczwpqtK5xelvOEz2eBON3DElO8DaaIymLpI4_jHiQu-fWiQK-eFNTekUuZf6PuSmWgrhuu4uGOUV8fXxYmpGVye-LPjLFawf72bh...
cdn4.telesco.pe/file/ Frame D00E 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.telesco.pe/file/vRx5JFL2Ox0wuHwwyay7MD1YD7zI0oKDszRjpjJJtyfjwxLv3KB5pcUh0ODBXt3kWgEeX6hxvNXiJryCaXEWXrtISI2Z3cWmMczwpqtK5xelvOEz2eBON3DElO8DaaIymLpI4_jHiQu-fWiQK-eFNTekUuZf6PuSmWgrhuu4uGOUV8fXxYmpGVye-LPjLFawf72bhvS2yznDsma7Iw57eXLoBLqyZRKY1Ue-9Q2HTtiTOw_yduC_h_xgnwxXxbx77djeHmuOii9BEMT8MBgIzwlXk1p7Dj6ijdUOw9a70VFnwZpfEAgaDbmPoIYotqju7bEr0DkgZxSagzhBNzgsvA.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.164.25 , United Kingdom, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2a6256a8cda2be6b3467365b05cca0b6e8a7d92ffe60f72f9400f7b86b8e606d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; sandbox
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; sandbox
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
25911
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 01 Nov 2021 01:48:40 GMT
Server
nginx/1.18.0
Date
Mon, 01 Nov 2021 01:48:40 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Accept-Ranges
0-25911, bytes
Expires
Wed, 01 Dec 2021 01:48:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D00E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--r1a.website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
548463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 25 Oct 2022 17:27:37 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D00E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--r1a.website
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 08:58:25 GMT
x-content-type-options
nosniff
age
233415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 29 Oct 2022 08:58:25 GMT
id
googleads.g.doubleclick.net/pagead/ Frame EFFB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Protocol
H2
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a4ea6812b93a3308a7e267996a9fc880a15c2fa41e9003adfdd7f6ded032f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 01 Nov 2021 01:48:40 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame EFFB 		29 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:46:30 GMT
x-content-type-options
nosniff
age
130
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 Nov 2021 02:01:30 GMT
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 05 May 2021 15:25:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15502990
x-cache
Hit from cloudfront
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-67d2"
content-type
application/javascript; charset=utf-8
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
expires
Thu, 05 May 2022 15:25:30 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
zqYsDQqJJ5mKwNHpYmxtLjQChpioGjuKHjbhNKXOd_DrNnqtjvBjOQ==
x-cache-hits
0
event.gif
referrer.disqus.com/juggler/ Frame F7B8 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=204&event=init_embed&thread=8854712562&forum=thetruedefender-com&forum_id=7253923&imp=59c169jfe9dan&thread_slug=biden_almost_expelled_from_the_g20_summit_stage_in_rome_he_was_talking_to_himself&user_type=anon&referrer=https%3A%2F%2Fthetruedefender.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34394%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34394&t_u=https%3A%2F%2Fthetruedefender.com%2Fbiden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself%2F&t_e=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_d=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&t_t=Biden%20Almost%20Expelled%20From%20The%20G20%20Summit%20Stage%20In%20Rome!%20He%20Was%20Talking%20To%20Himself!&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
remote.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame EFFB 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffb35efd480af56d9f533db9624e16256a9ffe66621e6d34fb8689510d70381a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:48:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
377997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29616
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:48:43 GMT
LJlvQt2qhcyMJ1jQNfnZysjqHy-Gk7r0wWR5pkYPS98.js
www.google.com/js/th/ Frame EFFB 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/LJlvQt2qhcyMJ1jQNfnZysjqHy-Gk7r0wWR5pkYPS98.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c996f42ddaa85cc8c2758d035f9d9cac8ea1f2f8693baf4c16479a6460f4bdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 30 Oct 2021 19:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
110625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13289
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 30 Oct 2022 19:04:55 GMT
embed.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame EFFB 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38fd2fa1c9bb4724854dc55617ab234182eeca455e3b72fdc9f1e6ddca9ffd1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:48:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
378020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7348
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:48:20 GMT
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 4682 		337 B
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 05 May 2021 03:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15546906
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-f4"
content-type
text/css; charset=utf-8
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
expires
Thu, 05 May 2022 03:13:34 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
Jo99dikH6Yx2-Crj19MufmvRBb4ozyhSXFfkTXh6rV5bslXn5leEAg==
x-cache-hits
0
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame BD9A 		337 B
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 05 May 2021 03:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15546906
x-cache
Hit from cloudfront
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-f4"
content-type
text/css; charset=utf-8
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
expires
Thu, 05 May 2022 03:13:34 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
tP7tvB5g9Q9QVhSD3Uc4L9SF6rH5O4nT43yMlRgEFtWZnym5ni0l-Q==
x-cache-hits
0
dc.js
stats.g.doubleclick.net/ Frame 1559 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: lockerdome.com
URL: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lockerdome.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
239
date
Mon, 01 Nov 2021 01:44:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 01 Nov 2021 03:44:41 GMT
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame F7B8 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a600:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 14:37:41 GMT
via
1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
16110659
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 27 Apr 2021 21:01:56 GMT
server
nginx
etag
"60887bc4-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Thu, 28 Apr 2022 14:37:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
mO7QNwlAFCs64izq88baFe1xJhm5GBU2bDlAfcjMUWuTCxt2u9UVIg==
x-cache-hits
0
truncated
/ Frame EFFB 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
AKedOLT-Nuj4pnd1cSoP1WyF0fsgoT8KjmiJIok61KwrMg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame EFFB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLT-Nuj4pnd1cSoP1WyF0fsgoT8KjmiJIok61KwrMg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4747c28b7d737f1e2ab5f3c66ff87df45d412bc786709b8a880d322c4f40beef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:39:12 GMT
x-content-type-options
nosniff
age
568
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1823
x-xss-protection
0
server
fife
etag
"vb2"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 23 Oct 2021 01:35:48 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/sWMKxJSjfo8/ Frame EFFB 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/sWMKxJSjfo8/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37b1fd207790317793e7a625decd6868999d0136dbbed74da32f2fbdd0cd0f5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71654
x-xss-protection
0
server
sffe
etag
"1635614665"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 01 Nov 2021 01:53:40 GMT
/
xn--r1a.website/v/ Frame D00E 		4 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xn--r1a.website/v/
Requested by
Host: tlgr.org
URL: https://tlgr.org/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000

Request headers

Accept
*/*
Referer
https://xn--r1a.website/s/TheTrueDefender
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:40 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=35768000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-control
no-store
Transfer-Encoding
chunked
Connection
keep-alive
pixel.gif
cdn.viglink.com/images/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=1.4221829510282777
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
age
11
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=15, must-revalidate
content-length
43
accept-ranges
bytes
cf-ray
6a717651682f4a73-FRA
x-amz-request-id
C3CJJWGXK1NK66WV
x-amz-id-2
njaiyWPoxaEr03hOL5akXy5LzJ5/pXh3+uihNRDgEXq3INxJJXroxccXttSwiH448w0ZCh/AdQQ=
pixel.gif
cdn.viglink.com/images/ 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=1.4221829510282777
Requested by
Host: thetruedefender.com
URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
cf-cache-status
HIT
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
age
11
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=15, must-revalidate
content-length
43
accept-ranges
bytes
cf-ray
6a71765168314a73-FRA
x-amz-request-id
C3CJJWGXK1NK66WV
x-amz-id-2
njaiyWPoxaEr03hOL5akXy5LzJ5/pXh3+uihNRDgEXq3INxJJXroxccXttSwiH448w0ZCh/AdQQ=
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame EFFB 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 Nov 2021 01:48:40 GMT
generate_204
www.youtube.com/ Frame EFFB 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?-DAFWQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/95/ Frame EFFB 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/95/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 10:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15249
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 23:31:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Mon, 01 Nov 2021 10:42:59 GMT
publishertag.prebid.113.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 02 Nov 2021 01:48:40 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		83 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:40 GMT
content-encoding
gzip
last-modified
Wed, 27 Oct 2021 03:25:58 GMT
server
nginx
etag
W/"6178c6c6-14b2b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 02 Nov 2021 01:48:40 GMT
syncframe
gum.criteo.com/ Frame B054 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1860
date
Mon, 01 Nov 2021 01:48:40 GMT
content-length
4685
sid
mug.criteo.com/ Frame B054
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thetruedefender.com&sn=ChromeSyncframe&so=0&topUrl=thetruedefender.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=TQBVgHxEdFR0UGhSRE1CSm8za0VKTHkzRnhwVE1JOXFaejlhVFhENHRQMjM1ejV4bUNYRFFUNmh4VGpHUGlTU2p3R0laMlY4MTVQTTgyMVlwSDc0UlZZa1VIZFllK0FKQVd6TGdEbUZ5WXhObm5BaXZPeDZDLytnckU1am...
452 B
643 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=TQBVgHxEdFR0UGhSRE1CSm8za0VKTHkzRnhwVE1JOXFaejlhVFhENHRQMjM1ejV4bUNYRFFUNmh4VGpHUGlTU2p3R0laMlY4MTVQTTgyMVlwSDc0UlZZa1VIZFllK0FKQVd6TGdEbUZ5WXhObm5BaXZPeDZDLytnckU1amhkbTEzMENGc1cyT1VQSFpRVDF0S0dSTWdITUtxTEV5TjlYVFdQVkE1TTY3dkJqMGd3U0ZOVDhkVThYVlcwUzRVWlMwdmszNGZxQjBUQ2Y4YlJiUXdWZkJRbms0NmxmUTVyVlAxbGJqN1JjalFablpQUnhTdnh3d1NmMitveE5RcFRFTTQwR0o2ME9DVjgxY3k2aXlZam5wK2JvS0trUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
14f7e8767eae2938acc03f4f5935fc659cb90504207b219c13c475e4c102d4dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 01 Nov 2021 01:48:39 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2163
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 01 Nov 2021 01:48:39 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=TQBVgHxEdFR0UGhSRE1CSm8za0VKTHkzRnhwVE1JOXFaejlhVFhENHRQMjM1ejV4bUNYRFFUNmh4VGpHUGlTU2p3R0laMlY4MTVQTTgyMVlwSDc0UlZZa1VIZFllK0FKQVd6TGdEbUZ5WXhObm5BaXZPeDZDLytnckU1amhkbTEzMENGc1cyT1VQSFpRVDF0S0dSTWdITUtxTEV5TjlYVFdQVkE1TTY3dkJqMGd3U0ZOVDhkVThYVlcwUzRVWlMwdmszNGZxQjBUQ2Y4YlJiUXdWZkJRbms0NmxmUTVyVlAxbGJqN1JjalFablpQUnhTdnh3d1NmMitveE5RcFRFTTQwR0o2ME9DVjgxY3k2aXlZam5wK2JvS0trUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
4120
content-length
541
expires
0
ping
links.services.disqus.com/api/ 		0
0
log_event
www.youtube.com/youtubei/v1/ Frame EFFB 		28 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
X-YouTube-Client-Version
1.20211026.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtyX3Z6VDUycm5aUSj3jv2LBg%3D%3D
X-YouTube-Ad-Signals
dt=1635731320254&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C720%2C405&vis=1&wgl=true&ca_type=image&bid=ANyPxKrRb7mcho0NcnyzZZm-wNpeKcP8rKPgpieQXHnWZTzMWETQgQSWPSFix7cdvP6-Cn7rtP21QuTdDWyAq2JXkmYEYfYaVg

Response headers

date
Mon, 01 Nov 2021 01:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 01 Nov 2021 01:48:42 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=fkFrVXwxa2lRaWRLK2R5bmx2bXErQjYrZksxRkJHdEg2NlYyY3ByZGk5b1JtSXgvMnpxbzZLenREdFloWG1udG9xamc3RVR6eGxQcERzN3hnT0xVaWtRdHVNRXV6SUFveEducVJEUzlGdHkxak13RUJNemJ5UTdPaUJJdG...
459 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fkFrVXwxa2lRaWRLK2R5bmx2bXErQjYrZksxRkJHdEg2NlYyY3ByZGk5b1JtSXgvMnpxbzZLenREdFloWG1udG9xamc3RVR6eGxQcERzN3hnT0xVaWtRdHVNRXV6SUFveEducVJEUzlGdHkxak13RUJNemJ5UTdPaUJJdG1Hby9nbFB4MEFvNnQyTjRZNFpmOXdRdDBYS3dDSVplZDNwSFJBa2dsTWNhdjVLbWNpMC9QdGptS2gwWnZhanB4dE5EVXpOVlJrZ3VKM2NXZkdrUGlkUEJ6eVlqblUzTldTcTVQelFKeFdyUVVDQ0ZCR3V4Umdpc09JVm5MdDNXMGdCU3F2MkoyTXNER2dTaWJXMFFxYWpzNm1TMTlDZkhPQ1h5NmNKbld5RTlaa0ZheGhLRT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7555f86a33c4dce08fbe536e66411d99700850715859cedf5f1ead70c7114440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 01 Nov 2021 01:48:42 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3087
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 01 Nov 2021 01:48:42 GMT
location
https://mug.criteo.com/sid?cpp=fkFrVXwxa2lRaWRLK2R5bmx2bXErQjYrZksxRkJHdEg2NlYyY3ByZGk5b1JtSXgvMnpxbzZLenREdFloWG1udG9xamc3RVR6eGxQcERzN3hnT0xVaWtRdHVNRXV6SUFveEducVJEUzlGdHkxak13RUJNemJ5UTdPaUJJdG1Hby9nbFB4MEFvNnQyTjRZNFpmOXdRdDBYS3dDSVplZDNwSFJBa2dsTWNhdjVLbWNpMC9QdGptS2gwWnZhanB4dE5EVXpOVlJrZ3VKM2NXZkdrUGlkUEJ6eVlqblUzTldTcTVQelFKeFdyUVVDQ0ZCR3V4Umdpc09JVm5MdDNXMGdCU3F2MkoyTXNER2dTaWJXMFFxYWpzNm1TMTlDZkhPQ1h5NmNKbld5RTlaa0ZheGhLRT18&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://thetruedefender.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2363
content-length
567
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://thetruedefender.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://thetruedefender.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1405
date
Mon, 01 Nov 2021 01:48:42 GMT
content-encoding
gzip
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8188 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 02 Nov 2021 01:48:45 GMT
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame BC96 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Mon, 01 Nov 2021 01:48:42 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a7176603942695d-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
async_usersync.html
acdn.adnxs.com/dmp/ Frame 90CF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 02 Nov 2021 01:48:45 GMT
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame FB41 		442 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
nginx
date
Mon, 01 Nov 2021 01:48:42 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime
604800
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST, GET
access-control-allow-origin
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 10:14:07 GMT
vary
Accept-Encoding
apacdex
sync.quantumdex.io/usersync/ Frame 87C4 		3 KB
807 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033cdf2b4601b534a053dad43675610131a713d8121cae53cbf761f21f407613

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a7176603f6c177e-FRA
content-encoding
gzip
usersync
ssp.wp.pl/bidder/ Frame F51C 		442 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
nginx
date
Mon, 01 Nov 2021 01:48:42 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime
604800
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST, GET
access-control-allow-origin
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 10:14:07 GMT
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame DBBC 		658 B
837 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
a6c04007ae11cd4a4e63a5ce4f032265d8d4da82a9947767c786f99d0d85cb76

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
658
usersync
ssp.wp.pl/bidder/ Frame F1FF 		442 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
nginx
date
Mon, 01 Nov 2021 01:48:42 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime
604800
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST, GET
access-control-allow-origin
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 10:14:07 GMT
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame BD41 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sspmatch-iframe
ads.betweendigital.com/ Frame 588A 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
onetag-sys.com/usync/ Frame 5316 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1635731319690
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
apacdex
sync.quantumdex.io/usersync/ Frame 3BD5 		3 KB
808 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49cb7f860d83b8c607afffa3e3d16040d88ee9f95e5e1065abc83e750fa19276

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a7176603f6b177e-FRA
content-encoding
gzip
connectmyusers.php
cdn.connectad.io/ Frame 3A57 		1 KB
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Mon, 01 Nov 2021 01:48:42 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a717660394e695d-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
async_usersync.html
acdn.adnxs.com/dmp/ Frame BC9C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 02 Nov 2021 01:48:45 GMT
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
apacdex
sync.quantumdex.io/usersync/ Frame 21BC 		3 KB
934 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
406f8f561a264967c993f7075951301220b809adc5cabc2eb5d834a9119821b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a7176603f6a177e-FRA
content-encoding
gzip
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2A0D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 02 Nov 2021 01:48:45 GMT
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 7FB3 		1 KB
712 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Mon, 01 Nov 2021 01:48:42 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a7176603964695d-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
onetag-sys.com/usync/ Frame 78DC 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1635731319723
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9C00 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 02 Nov 2021 01:48:45 GMT
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive
Vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame D2F1 		1 KB
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Mon, 01 Nov 2021 01:48:42 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a7176603976695d-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sspmatch-iframe
ads.betweendigital.com/ Frame ADA1 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
usersync
ssp.wp.pl/bidder/ Frame C2D8 		442 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
nginx
date
Mon, 01 Nov 2021 01:48:43 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime
604800
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST, GET
access-control-allow-origin
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 10:14:07 GMT
vary
Accept-Encoding
apacdex
sync.quantumdex.io/usersync/ Frame 0291 		3 KB
903 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a467f338cd040cbc2d95708a69495f6fbc9050fb1b7cc8fe4763f468d6992a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a717660ffeb177e-FRA
content-encoding
gzip
sspmatch-iframe
ads.betweendigital.com/ Frame 3EA7 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
usersync
ssp.wp.pl/bidder/ Frame B953 		442 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

server
nginx
date
Mon, 01 Nov 2021 01:48:43 GMT
content-type
text/html; charset=utf-8
content-length
306
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime
604800
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods
POST, GET
access-control-allow-origin
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 10:14:07 GMT
vary
Accept-Encoding
apacdex
sync.quantumdex.io/usersync/ Frame 676B 		3 KB
805 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/apacdex
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b305c2db0fd8ece01e42e1d5d918ffe7d40daff5559297e1345a4e440749866

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-type
text/html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a717660fff0177e-FRA
content-encoding
gzip
connectmyusers.php
cdn.connectad.io/ Frame 5A34 		1 KB
735 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a717660fa77695d-FRA
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
onetag-sys.com/usync/ Frame 19B3 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1635731319689
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7025412537328466064&gdpr=0&gdpr_consent=
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7025412537328466064&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:42 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7025412537328466064&gdpr=0&gdpr_consent=
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
onetag-sys.com/usync/ 		0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/usync/?tag=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
/
s.ad.smaato.net/c/ 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
4zucbhNqraptaVKmIoHDoZkxBGcxgfu_DaRaiEFKBno9XkGIQyoVMw==
x-cache
FunctionGeneratedResponse from cloudfront
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=45D82A35-8016-4EDD-86FF-9E673E2D9254&gdpr=0&gdpr_consent=
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=45D82A35-8016-4EDD-86FF-9E673E2D9254&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:42 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=45D82A35-8016-4EDD-86FF-9E673E2D9254&gdpr=0&gdpr_consent=
date
Mon, 01 Nov 2021 01:48:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=bea6d3f0-2a63-4863-a682-083f342a5a44&gdpr_consent=null&gdpr=0
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=bea6d3f0-2a63-4863-a682-083f342a5a44&gdpr_consent=null&gdpr=0
Protocol
HTTP/1.1
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=bea6d3f0-2a63-4863-a682-083f342a5a44&gdpr_consent=null&gdpr=0
date
Mon, 01 Nov 2021 01:48:43 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://eu-u.openx.net/w/1.0/cm?cc=1&id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=fa70d7da-8988-03d3-2c13-6d9a449b57e8&gdpr=0&gdpr_consent=
43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=fa70d7da-8988-03d3-2c13-6d9a449b57e8&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thetruedefender.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:42 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=fa70d7da-8988-03d3-2c13-6d9a449b57e8&gdpr=0&gdpr_consent=
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fkFrVXwxa2lRaWRLK2R5bmx2bXErQjYrZksxRkJHdEg2NlYyY3ByZGk5b1JtSXgvMnpxbzZLenREdFloWG1udG9xamc3RVR6eGxQcERzN3hnT0xVaWtRdHVNRXV6SUFveEducVJEUzlGdHkxak13RUJNemJ5UTdPaUJJdG1Hby9nbFB4MEFvNnQyTjRZNFpmOXdRdDBYS3dDSVplZDNwSFJBa2dsTWNhdjVLbWNpMC9QdGptS2gwWnZhanB4dE5EVXpOVlJrZ3VKM2NXZkdrUGlkUEJ6eVlqblUzTldTcTVQelFKeFdyUVVDQ0ZCR3V4Umdpc09JVm5MdDNXMGdCU3F2MkoyTXNER2dTaWJXMFFxYWpzNm1TMTlDZkhPQ1h5NmNKbld5RTlaa0ZheGhLRT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1059
date
Mon, 01 Nov 2021 01:48:42 GMT
content-encoding
gzip
vary
Accept-Encoding
match
ads.betweendigital.com/ Frame DBBC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dbetween%26bsw_param%...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=374bbd348b16427e8c2bbb7a16289d57&ssp=between&bsw_param=5c09b74c-07e2-4ada-a245-d453efdf34a0&gdpr=&consent=&gdpr_pd=&expires=7
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5c09b74c-07e2-4ada-a245-d453efdf34a0
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5c09b74c-07e2-4ada-a245-d453efdf34a0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=5c09b74c-07e2-4ada-a245-d453efdf34a0
Date
Mon, 01 Nov 2021 01:48:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/ Frame DBBC
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6ajsFLsS64R.AikABlF82S86Vw
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6ajsFLsS64R.AikABlF82S86Vw
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f3-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6ajsFLsS64R.AikABlF82S86Vw
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/ Frame DBBC
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8b4d96fa2b033cedb12316be
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8b4d96fa2b033cedb12316be
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=8b4d96fa2b033cedb12316be
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
match
ads.betweendigital.com/ Frame DBBC
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj7jv2LBlIFvp7KygpiJGZjMGVmMWIzLWJjNDgtNTEzMS04ZmExLTlmOTllZWRlZDhlZQ**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj7jv2LBlIFvp7KygpiJGZjMGVmMWIzLWJjNDgtNTEzMS04ZmExLTlmOTllZWRlZDhlZaIBENhdmgY6tRHshuAAJZDAZHw*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABj7jv2LBmIkZmMwZWYxYjMtYmM0OC01MTMxLThmYTEtOWY5OWVlZGVkOGVlogEQ2F2aBjq1EeyG4AAlkMBkfA**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARj7jv2LBmIkZmMwZWYxYjMtYmM0OC01MTMxLThmYTEtOWY5OWVlZGVkOGVlogEQ2F2aBjq1EeyG4AAlkMBkfA**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=d85d9a06-3ab5-11ec-86e0-002590c0647c
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=d85d9a06-3ab5-11ec-86e0-002590c0647c
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=d85d9a06-3ab5-11ec-86e0-002590c0647c
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
setuid
sync.quantumdex.io/ Frame 21BC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717662d8f3177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2a56587b-c12c-40a5-a9d7-7d89dc00c281
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 21BC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a71766429e9177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 21BC
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=172ba493ac3cd383ad4dde4b
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=172ba493ac3cd383ad4dde4b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176646a10177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=172ba493ac3cd383ad4dde4b
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
cs
cs.lkqd.net/ Frame 21BC 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
us
sync.go.sonobi.com/ Frame 21BC 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
1.gif
id5-sync.com/c/495/0/0/ Frame 21BC
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Server
54.36.109.156 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p07.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:56 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Mon, 01 Nov 2021 01:48:56 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 21BC
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6601327965
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6601327965
  • https://sync.1rx.io/usersync/tradedesk/0f51f656-4a2e-4b17-be16-8af6bf3473c9
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c1269d2-6f4c-4623-ac37-b360c8b...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176655ac1177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
date
Mon, 01 Nov 2021 01:48:43 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3c1269d26f4c4623ac37b360c8b930a0003
content-type
text/html
setuid
sync.quantumdex.io/ Frame 21BC
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e1734503-a0b6-41cf-9923-a6e65ad9bc58
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e1734503-a0b6-41cf-9923-a6e65ad9bc58
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176638976177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=e1734503-a0b6-41cf-9923-a6e65ad9bc58
date
Mon, 01 Nov 2021 01:48:43 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 21BC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176632926177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0e05fa84-e269-452c-9112-54ca90901af9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 21BC
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=322d8bd1-e2ea-4f81-a5af-14c5f358b79b
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=322d8bd1-e2ea-4f81-a5af-14c5f358b79b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a71766419d8177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=322d8bd1-e2ea-4f81-a5af-14c5f358b79b
date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717662c8ec177e-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
setuid
sync.quantumdex.io/ Frame 21BC
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664ca4b177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 87C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176630912177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
70b86e4b-68fa-41d8-8fc0-21b029fa046b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 87C4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a71766429e8177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 87C4
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=172ba493ac3cd383ad4dde4b
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=172ba493ac3cd383ad4dde4b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176646a11177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=172ba493ac3cd383ad4dde4b
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
cs
cs.lkqd.net/ Frame 87C4 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
us
sync.go.sonobi.com/ Frame 87C4 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
1.gif
id5-sync.com/c/495/0/0/ Frame 87C4
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Server
54.36.109.156 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p07.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:56 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Mon, 01 Nov 2021 01:48:56 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 87C4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=850048702
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=850048702
  • https://sync.1rx.io/usersync/tradedesk/0f51f656-4a2e-4b17-be16-8af6bf3473c9
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c1269d2-6f4c-4623-ac37-b360c8b...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176655ab9177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
date
Mon, 01 Nov 2021 01:48:43 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3c1269d26f4c4623ac37b360c8b930a0003
content-type
text/html
setuid
sync.quantumdex.io/ Frame 87C4
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ae3e1db8-8f0a-446c-86ba-86d4dea649cc
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ae3e1db8-8f0a-446c-86ba-86d4dea649cc
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176638978177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=ae3e1db8-8f0a-446c-86ba-86d4dea649cc
date
Mon, 01 Nov 2021 01:48:43 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 87C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717663595d177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
816648c9-e955-41a7-bca2-fd8e4de0a219
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 87C4
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=1951543e-bab3-4163-ab46-10727e79b313
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=1951543e-bab3-4163-ab46-10727e79b313
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a71766409d1177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=1951543e-bab3-4163-ab46-10727e79b313
date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717662c8ed177e-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
setuid
sync.quantumdex.io/ Frame 87C4
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664ca48177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Connection
keep-alive
Content-Length
0
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame FB41 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 14:07:23 GMT
server
nginx
etag
W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame F51C 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 14:07:23 GMT
server
nginx
etag
W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
us
sync.go.sonobi.com/ Frame 3BD5 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
1.gif
id5-sync.com/c/495/0/0/ Frame 3BD5
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Server
54.36.109.156 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p07.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:56 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Mon, 01 Nov 2021 01:48:56 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 3BD5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a71766429e7177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 3BD5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717663897f177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5a527da6-1180-4094-a32d-e9ca1d0045b1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 3BD5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2811905930
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2811905930
  • https://sync.1rx.io/usersync/tradedesk/0f51f656-4a2e-4b17-be16-8af6bf3473c9
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c1269d2-6f4c-4623-ac37-b360c8b...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176655abb177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
date
Mon, 01 Nov 2021 01:48:43 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3c1269d26f4c4623ac37b360c8b930a0003
content-type
text/html
setuid
sync.quantumdex.io/ Frame 3BD5
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717663897b177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
date
Mon, 01 Nov 2021 01:48:43 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 3BD5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176638981177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9360e552-275d-4933-bec7-e0c0ffbb9f3b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 3BD5
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=12a51d21-bfb2-42dc-9d18-e000beba3495
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=12a51d21-bfb2-42dc-9d18-e000beba3495
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a71766419da177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=12a51d21-bfb2-42dc-9d18-e000beba3495
date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717662d8f2177e-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cs
cs.lkqd.net/ Frame 3BD5 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
setuid
sync.quantumdex.io/ Frame 3BD5
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664ca49177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 3BD5
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664fa74177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame F1FF 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 14:07:23 GMT
server
nginx
etag
W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
bidder_18.html
cache.betweendigital.com/code/ Frame 29C8 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee&CACHEBUSTER=205705
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/

Response headers

server
nginx
date
Mon, 01 Nov 2021 01:48:43 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
usermatch
ssum-sec.casalemedia.com/ Frame 0311
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd7c2679c9cfa6b04a5599f2b379e62760791546dd02d58b35ee5187246d63f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|195|196|130|64
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1649
Expires
Mon, 01 Nov 2021 01:48:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 01 Nov 2021 01:48:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive
uc.html
sync.go.sonobi.com/ Frame 4F34 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AF67 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=143382
expires
Tue, 02 Nov 2021 17:38:25 GMT
date
Mon, 01 Nov 2021 01:48:43 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 7CD3 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame 8DCE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
597cbe38286e21d62b879f02a00942cc6a162526a6f25144c50448ee402c5963

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|39|241|5|40|64|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1526
Expires
Mon, 01 Nov 2021 01:48:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 01 Nov 2021 01:48:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive
uc.html
sync.go.sonobi.com/ Frame 47F7 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EFA4 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=143382
expires
Tue, 02 Nov 2021 17:38:25 GMT
date
Mon, 01 Nov 2021 01:48:43 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame E779 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
setuid
sync.quantumdex.io/ Frame 0291
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176638975177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8295ada4-6ab1-488f-9ebe-d90fb289cb1e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 0291
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6646108083
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6646108083
  • https://sync.1rx.io/usersync/tradedesk/0f51f656-4a2e-4b17-be16-8af6bf3473c9
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c1269d2-6f4c-4623-ac37-b360c8b...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176655aba177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
date
Mon, 01 Nov 2021 01:48:43 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3c1269d26f4c4623ac37b360c8b930a0003
content-type
text/html
setuid
sync.quantumdex.io/ Frame 0291
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717663a996177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
date
Mon, 01 Nov 2021 01:48:43 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 0291
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a71766419db177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0f0ec634-122c-4410-aaa6-c80407c3ffb8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 0291
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=87fa8b3e-aef7-4cbb-be7d-a54af99ead49
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=87fa8b3e-aef7-4cbb-be7d-a54af99ead49
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176645a07177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=87fa8b3e-aef7-4cbb-be7d-a54af99ead49
date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717663392f177e-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cs
cs.lkqd.net/ Frame 0291 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
setuid
sync.quantumdex.io/ Frame 0291
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664da61177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 0291
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717663c9a6177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 0291
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664fa75177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
us
sync.go.sonobi.com/ Frame 0291 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
0.gif
id5-sync.com/i/495/ Frame 0291 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.156 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p07.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:56 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
uc.html
sync.go.sonobi.com/ Frame FBE5 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA3E 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=143382
expires
Tue, 02 Nov 2021 17:38:25 GMT
date
Mon, 01 Nov 2021 01:48:43 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 6049 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame 9676
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de8518c6a3c7a5a8b6e555bc47c7d74b1370986672fc880ef09143f570abe7ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|47|41|73|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1652
Expires
Mon, 01 Nov 2021 01:48:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 01 Nov 2021 01:48:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive
setuid
sync.quantumdex.io/ Frame 676B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176638982177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
17c38814-f338-43d3-a155-a9f61b71118c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=3872160515926359340
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 676B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4942660274
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4942660274
  • https://sync.1rx.io/usersync/tradedesk/0f51f656-4a2e-4b17-be16-8af6bf3473c9
  • https://sync.targeting.unrulymedia.com/csync/RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-3c1269d2-6f4c-4623-ac37-b360c8b...
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176655ab7177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003
date
Mon, 01 Nov 2021 01:48:43 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3c1269d26f4c4623ac37b360c8b930a0003
content-type
text/html
setuid
sync.quantumdex.io/ Frame 676B
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717663c9a7177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=2910dcf5-2271-4a06-88ec-e3e54af9c217
date
Mon, 01 Nov 2021 01:48:43 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 676B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a71766429e4177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
daea3a63-594b-4643-9adb-12aa21ab692b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=3872160515926359340
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 676B
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a1523f1a-fec2-4d56-97f5-636ff2b0c427
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a1523f1a-fec2-4d56-97f5-636ff2b0c427
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176646a09177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=a1523f1a-fec2-4d56-97f5-636ff2b0c427
date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717663595c177e-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cs
cs.lkqd.net/ Frame 676B 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.182 San Antonio, United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
setuid
sync.quantumdex.io/ Frame 676B
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664da62177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 676B
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a7176645a05177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=30ca94a4c8fd86775a6cdb2d
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 676B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717663c9aa177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-Cq4HpHJE2uGJxGcgEXTfmPags0hDi2DkrI2WHbw-~A
Connection
keep-alive
Content-Length
0
us
sync.go.sonobi.com/ Frame 676B 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
0.gif
id5-sync.com/i/495/ Frame 676B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.156 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p07.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:56 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame C2D8 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 14:07:23 GMT
server
nginx
etag
W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib/ Frame B953 		103 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 14:07:23 GMT
server
nginx
etag
W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
async_usersync
ib.adnxs.com/ Frame BC9C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4528243e-d57e-4cdf-9355-e64e96a123db
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2A0D 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
95893fbb-2a17-44b6-9faa-8b0235930f06
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 90CF 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3fa3aad6-a918-4e0f-90d4-59d0fded6e8e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8188 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
abcc5d2c-d899-495f-8ca4-2b9add7a8ccb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9C00 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b6644bc9-641b-4521-8ab7-a42e4f68c30f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A60A 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=143382
expires
Tue, 02 Nov 2021 17:38:25 GMT
date
Mon, 01 Nov 2021 01:48:43 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame F0BF 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame 5B0A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
351d5f12c0976c1728b524817d2c6d49057c798afa91ea32a87076f735fdb15f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|31|65|156|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1674
Expires
Mon, 01 Nov 2021 01:48:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive
uc.html
sync.go.sonobi.com/ Frame 748B 		43 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1353 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=143382
expires
Tue, 02 Nov 2021 17:38:25 GMT
date
Mon, 01 Nov 2021 01:48:43 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame AC08 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usermatch
ssum-sec.casalemedia.com/ Frame C816 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2012ff344123f2abe1d29d1851979cb835057f72860a3a347d301ab1f7eb54ad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|45|241|105|190|88|65
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1702
Expires
Mon, 01 Nov 2021 01:48:43 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Connection
keep-alive
uc.html
sync.go.sonobi.com/ Frame 4580 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
1
sync-eu.connectad.io/syncer/ Frame AAB3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.connectad.io/

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cache-control
no-cache, private
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a7176638e26695d-FRA
PugMaster
image6.pubmatic.com/AdServer/ Frame EFA4 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80740181&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-length
0
casale
match.adsrvr.org/track/cmf/ Frame 5B0A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 5B0A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX9He08mG63Ryzj4R9.cKgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5B0A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5B0A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5PT4MJ0FDVYMA5EVPTJZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GWYVCCSXAB41RYBC90BD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
noop
px.owneriq.net/ Frame 5B0A
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6890177231130174202&uid=Q6890177231130174202&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
104.111.242.53 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
rum
dsum.casalemedia.com/ Frame 5B0A
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635817723&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635817723&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635817723&gdpr=1
pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
cookiesync
bttrack.com/pixel/ Frame 5B0A 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:12 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
us.php
gu.dyntrk.com/adx/ie/ Frame 5B0A 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31193669.ip-51-178-20.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
setuid
sync.quantumdex.io/ Frame 5B0A 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664da5e177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
casale
match.adsrvr.org/track/cmf/ Frame C816 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame C816
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C816
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX9He08mG63Ryzj4R9.cKgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C816
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V8VY2BGRZ9HZK5VY2YP1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BH2E3D48CVE54869DMXK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C816
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 01 Nov 2021 01:48:43 GMT
server
nginx/1.20.0
content-length
76
getuid
ib.adnxs.com/ Frame C816 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame C816
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YX9HewAAAVArRwBG
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YX9HewAAAVArRwBG&gdpr=1&_test=YX9HewAAAVArRwBG
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YX9HewAAAVArRwBG&gdpr=1&_test=YX9HewAAAVArRwBG
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:44 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1635731324.023720,VS0,VE0
x-served-by
cache-hhn4074-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YX9HewAAAVArRwBG&gdpr=1&_test=YX9HewAAAVArRwBG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame C816
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635817723&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635817723&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635817723&gdpr=1
pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame C816 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664da5f177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 9676
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cLQAABJAAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cLQAABJAAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cLQAABJAAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
N397Y6184Q98472CDFJ1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5JB6K6WT41WS09B7VPNB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cLQAABJAAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9676 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 9676
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9He08mG63Ryzj4R9-cLQAABJAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9676
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX9He08mG63Ryzj4R9.cKgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9676
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Hw8hIMKs1MHmrh5&gdpr=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Hw8hIMKs1MHmrh5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:42 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Hw8hIMKs1MHmrh5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 9676 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-5
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
YX9He08mG63Ryzj4R9-cLQAABJAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9676 		43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YX9He08mG63Ryzj4R9-cLQAABJAAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:df82:91d9:7297:1e70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 9676
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 01 Nov 2021 01:48:43 GMT
server
nginx/1.20.0
content-length
76
setuid
sync.quantumdex.io/ Frame 9676 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YX9He08mG63Ryzj4R9-cLQAABJAAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664ea69177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 0311
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SZEDAQ2SJCJ82XRB90MK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
2XHGVJ0GC4YAHDXEBG3N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 0311 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 0311
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0311
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX9He08mG63Ryzj4R9.cKgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0311
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a7772fb8-13aa-4e81-9fa1-ebc7de1c0400
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a7772fb8-13aa-4e81-9fa1-ebc7de1c0400
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a7772fb8-13aa-4e81-9fa1-ebc7de1c0400
date
Mon, 01 Nov 2021 01:48:43 GMT
server
Apache-Coyote/1.1
content-length
0
us.php
gu.dyntrk.com/adx/ie/ Frame 0311 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31193669.ip-51-178-20.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
crum
dsum-sec.casalemedia.com/ Frame 0311
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKrIU7C_o8AAB7TPZB7vQ&expiration=1636940923&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKrIU7C_o8AAB7TPZB7vQ&expiration=1636940923&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKrIU7C_o8AAB7TPZB7vQ&expiration=1636940923&gdpr=1
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame 0311
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638323323
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638323323
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638323323
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
sync.quantumdex.io/ Frame 0311 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664fa71177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
match
ads.betweendigital.com/ Frame 29C8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=5c09b74c-07e2-4ada-a245-d453efdf34a0
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=5c09b74c-07e2-4ada-a245-d453efdf34a0
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5c09b74c-07e2-4ada-a245-d453efdf34a0
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=5c09b74c-07e2-4ada-a245-d453efdf34a0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=5c09b74c-07e2-4ada-a245-d453efdf34a0
Date
Mon, 01 Nov 2021 01:48:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 8DCE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJc3Mo2E0XtXA_Aj_GXoLAU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8DCE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YX9He08mG63Ryzj4R9.cKgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEG8Mb6DI2nFS9p3armMc8gM&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8DCE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 8DCE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
NY03XSZ870DM6H777E6B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BR707CG9T13T8BT9KT2D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 8DCE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 8DCE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638323323
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638323323
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:43 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638323323
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 8DCE
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
HTTP/1.1
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:43 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:43 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Mon, 01 Nov 2021 01:48:43 GMT
server
nginx/1.20.0
content-length
76
setuid
sync.quantumdex.io/ Frame 8DCE 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YX9He08mG63Ryzj4R9-cKgAABMIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:387e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:43 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a717664fa73177e-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cs&eq_cc=1
um2.eqads.com/um/ Frame 00E9
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.249.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-249-39.compute-1.amazonaws.com
Software
/
Resource Hash
e45a511788ede5bd47b30b972566d77da2c4d38c7ea797912f0566a6f5f69296

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Mon, 01 Nov 2021 01:48:44 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 01 Nov 2021 01:48:44 GMT
pragma
no-cache

Redirect headers

date
Mon, 01 Nov 2021 01:48:43 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
/
sync3.sniperlog.ru/ Frame 29C8
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=d85d9a06-3ab5-11ec-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=d85d9a06-3ab5-11ec-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=p5wbrxVCjLSGlGWGKNRDog&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=p5wbrxVCjLSGlGWGKNRDog&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=p5wbrxVCjLSGlGWGKNRDog&extra2=aidata&google_gid=CAESEDuW77BOoigzFbfPa200E8g&google_cver=1
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync3.sniperlog.ru/?src=ggl&extra1=p5wbrxVCjLSGlGWGKNRDog&extra2=aidata&google_gid=CAESEDuW77BOoigzFbfPa200E8g&google_cver=1
Protocol
HTTP/1.1
Server
31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:44 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync3.sniperlog.ru/?src=ggl&extra1=p5wbrxVCjLSGlGWGKNRDog&extra2=aidata&google_gid=CAESEDuW77BOoigzFbfPa200E8g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 00E9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=549a5349-4a06-44d3-aec0-8a170b4ebad5&expiration=1643680124
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:44 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Nov 2021 01:48:44 GMT
async_usersync
ib.adnxs.com/ Frame BC9C 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:44 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
901f347c-4151-41e5-9d29-ef82911fa05d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2A0D 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:44 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
fcd5b9c4-53d3-4af0-982f-3e7ff6b6e892
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 90CF 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:44 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3b267b16-b395-4042-b6c2-f928b3c54a48
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8188 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:44 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
be9029d2-bc1a-4294-ade9-c471f6f0a139
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9C00 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Nov 2021 01:48:44 GMT
X-Proxy-Origin
185.232.23.180; 185.232.23.180; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
94b22d6f-05f7-4ce6-b433-783409fc8ff8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame B4B3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee&CACHEBUSTER=205705
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 Nov 2021 01:48:44 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Mon, 01 Nov 2021 01:48:44 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.js
eus.rubiconproject.com/ Frame B4B3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3a97df53baadc7f20a3ccd6bb9c6b5fab12ce7efaab6ca0987be6c62489b2dc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Mon, 01 Nov 2021 01:48:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Oct 2021 15:57:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35675
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9399
Expires
Mon, 01 Nov 2021 11:43:19 GMT
khaos.jpg
token.rubiconproject.com/ Frame B4B3 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
205705
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 29C8
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/205705
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/205705
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/205705
Protocol
H2
Server
2001:6d0:4001::226 -, , ASN (),
Reverse DNS
Software
ms-counter-3.2.14/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:44 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.14/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:44 GMT
server
ms-counter-3.2.14/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/205705
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 29C8
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee&expires=60
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5c09b74c-07e2-4ada-a245-d453efdf34a0&gdpr=&gdpr_consent=
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5c09b74c-07e2-4ada-a245-d453efdf34a0&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 01:48:44 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=5c09b74c-07e2-4ada-a245-d453efdf34a0&gdpr=&gdpr_consent=
Date
Mon, 01 Nov 2021 01:48:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/usync/ Frame BDDE 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee&CACHEBUSTER=205705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee
an.yandex.ru/mapuid/betweendigitalis/ Frame 29C8
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Ffc0ef1b3-bc48-5131-8fa1-9f99eeded8ee
  • https://an.yandex.ru/mapuid/betweendigitalis/fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee
  • https://an.yandex.ru/mapuid/betweendigitalis/fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:45 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 01:48:45 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 01:48:45 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:45 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 01:48:45 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/betweendigitalis/fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 01 Nov 2021 01:48:45 GMT
sync
t.adx.opera.com/ Frame 29C8 		0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Nov 2021 01:48:45 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/embed/sWMKxJSjfo8?feature=oembed
Domain
links.services.disqus.com
URL
https://links.services.disqus.com/api/ping

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| tieSkin object| html string| htmlSkin undefined| tieSkinInverted object| google_tag_manager object| dataLayer string| em_version boolean| em_track_user string| em_no_track_reason string| disableStr function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagTracker object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag function| __gaTracker object| _wpemojiSettings object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime object| exactmetrics_frontend function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| FullworksAntiSpamFELO object| header boolean| mnIsDark boolean| tnIsDark object| ldAdInit boolean| __isGoogleAllowed object| googletag object| pbjs325474 object| countVars string| disqus_shortname object| embedVars string| disqus_url string| disqus_identifier string| disqus_container_id string| disqus_title undefined| disqus_config_custom function| disqus_config object| _peq object| jetpackLazyImagesL10n object| tie function| tieFlexMenu function| tieLazyLoad function| tieTabs function| tie_animate_element function| tie_animate_reviews object| $doc object| $window object| $html object| $body object| $themeHeader object| $mainNav object| $container boolean| is_RTL number| intialWidth boolean| isDuringAjax boolean| scrollBarWidth boolean| mobileMenu object| emergence object| browserPrefixes boolean| is_boxed_layout boolean| megaMenuAjax object| Modernizr function| TieSticky object| $the_post object| $postContent object| addComment object| wp object| _stq function| loadCSS string| c object| twemoji object| _ldStickyConfig object| _ldAdIdMap object| gaplugins object| gaGlobal object| gaData object| _peSd object| _peD object| _peE object| _pe object| jeengConfig object| __core-js_shared__ function| setImmediate function| clearImmediate object| core function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| jeeng function| st_go function| linktracker_init object| wpcom object| php_js number| distance number| time object| animationAction function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Criteo object| ggeac object| google_js_reporting_queue boolean| _ldStickyRendered object| DISQUSWIDGETS undefined| disqus_domain object| DISQUS object| pe function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| sas object| apntag object| _ADAGIO boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16357313205056 object| vglnk object| criteo_pubtag object| criteo_pubtag_prebid_113 object| Criteo_prebid_113 function| vglnk_16357313210087

82 Cookies

Domain/Path Name / Value
thetruedefender.com/ Name: PHPSESSID
Value: 79a7e08a8396430af9550814d6bec7f5
.thetruedefender.com/ Name: _ga
Value: GA1.2.2033616666.1635731319
.thetruedefender.com/ Name: _gid
Value: GA1.2.866574082.1635731319
.youtube.com/ Name: YSC
Value: 0BlM4bwNLAQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: r_vzT52rnZQ
thetruedefender.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.adnxs.com/ Name: uuid2
Value: 3872160515926359340
.thetruedefender.com/ Name: _gat_gtag_UA_186892928_1
Value: 1
.smartadserver.com/ Name: pbw
Value: %24b%3d16950%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 402008=4645548
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0
thetruedefender.com/ Name: PushSubscriberStatus
Value: CLOSED
thetruedefender.com/ Name: peclosed
Value: true
.quantumdex.io/ Name: uid
Value: fa80dc4b-587e-4f1b-942a-15f796922f76
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D60311%3B%24qt%3D25_1045_42811t%3B%24dma%3D0&c=1&l=1881784456&lo=-721590141&lt=637713317197409859&o=1
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.betweendigital.com/ Name: tuuid
Value: fc0ef1b3-bc48-5131-8fa1-9f99eeded8ee
.a-mo.net/ Name: amuid2
Value: 12dbfe1b-a22a-439b-8737-8d8ea3023a1b
.adnxs.com/ Name: icu
Value: ChgIztV3EAoYAyADKAMw-I79iwY4A0ADSAMQ-I79iwYYAg..
.smartadserver.com/ Name: pid
Value: 5223594446036741318
.smartadserver.com/ Name: pdomid
Value: 11
prebid.a-mo.net/ Name: __amc
Value: 2_1635731319_1635731320
xn--r1a.website/ Name: stel_ssid
Value: f5343a2ec6b3c49d44_4789913774497130733
.criteo.com/ Name: uid
Value: 7beac787-2807-49a3-abed-016619aa4a4a
.doubleclick.net/ Name: IDE
Value: AHWqTUlpu176sh95lOcgbarqklZwNV2Fk36bT3a_1yxNNHOzcDesUfTJRfqGf0j_
.thetruedefender.com/ Name: cto_bundle
Value: eNm6O19yVHAwdWpHN1BwQUJISGExQjF5Zk5iRFglMkJyQm1reWRnSDdkWXRRQjRESnRvbkQ2R1hvVmFFTjYyMks4emEweHdaS0RCR0s2UzhzVFU3QWpseVRUczc3d21tMjBtZ0NJOHpEcnJaM042SVdnNmdGV0ZZR2ZZSWkwd1lpVmd2aTZkcXZrNzloV3RRZEVDRktnUHVFOWZ3VzlLNiUyQjZCOERDZiUyQlU3ZEVFb0tmUk0lM0Q
thetruedefender.com/ Name: cto_bundle
Value: 28V8WV9YcFVUdnpuamY1emxETnE0MG1CbFFhdmI0ZUt0dnZxbGUzRW9QN3AlMkJUTG5JSWtkUmVTMEtWaVRxc2JtJTJCdGNFNGJuQnByJTJCVktIV1BwZmpQd3FHRTdoMnltVnhzdjFncjZUZndUY2NFUXZHU1hjUE5wbDBKdXZxek5pRjVZUVNLcWN5OWVwcmFJOEN4bnJOWHZBcTElMkZPaWVYbGFsNzAzWnElMkZOZUxJVWdldzNBJTNE
thetruedefender.com/ Name: cto_bidid
Value: v6GD3l9DRGR5dU5pbHZCaUNpc1FUcmR1U0tzSTVmYVIzVXRJOEgxNU9YaVZjSyUyQm0wUkZBa25peTVVJTJCMmxIM3lHa29LNlRucHRaWUVEVTkyd2wwd2J5REdjQzlVUUhkS2dQQU84Z2hCeFgyQXBlY2hqN3hNRm5xMjE2eUw4dGVZRU9NVlA
.adfarm1.adition.com/ Name: UserID1
Value: 7025412537328466064
.openx.net/ Name: i
Value: 3c557f7b-b1cd-0348-3157-1b4e06afbfd3|1635731323
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 45D82A35-8016-4EDD-86FF-9E673E2D9254
.smartadserver.com/ Name: csync
Value: 91:45D82A35-8016-4EDD-86FF-9E673E2D9254|124:bea6d3f0-2a63-4863-a682-083f342a5a44
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.sharethrough.com/ Name: stx_user_id
Value: 2910dcf5-2271-4a06-88ec-e3e54af9c217
.yahoo.com/ Name: A3
Value: d=AQABBHtHf2ECEGhnQMf0V5c4VPkB42vs_c8FEgEBAQGYgGGJYQAAAAAA_eMAAA&S=AQAAAirCttOZrY7S4P1HztS57NY
.bidswitch.net/ Name: tuuid
Value: 5c09b74c-07e2-4ada-a245-d453efdf34a0
.bidswitch.net/ Name: c
Value: 1635731323
.bidswitch.net/ Name: tuuid_lu
Value: 1635731323
.casalemedia.com/ Name: CMPS
Value: 5202
.id5-sync.com/ Name: id5
Value: b1edbfca-8699-4316-8834-03ddf52ab7c9#1635731336801#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.advertising.com/ Name: APID
Value: UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
.casalemedia.com/ Name: CMID
Value: YX9He08mG63Ryzj4R9.cKgAA
.casalemedia.com/ Name: CMPRO
Value: 1218
.adhigh.net/ Name: gi_u
Value: u6ajsFLsS64R.AikABlF82S86Vw
ms.quantumdex.io/ Name: qdsp_uid
Value: a1523f1a-fec2-4d56-97f5-636ff2b0c427
.adsniper.ru/ Name: uuid3
Value: IiRkODVkOWEwNi0zYWI1LTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.adsrvr.org/ Name: TDID
Value: 0f51f656-4a2e-4b17-be16-8af6bf3473c9
.admixer.net/ Name: am-uid
Value: 374bbd348b16427e8c2bbb7a16289d57
.analytics.yahoo.com/ Name: IDSYNC
Value: "192w~21a1:192x~21a1"
.yahoo.com/ Name: APID
Value: UPd84ed7f9-3ab5-11ec-8648-0226963cdaa0
.yahoo.com/ Name: APIDTS
Value: 1635731323
.ads.pubmatic.com/ Name: KCCH
Value: YES
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiEpYH7jrmOOhAFOAE.
.bumlam.com/ Name: suuid3
Value: IiRkODVkOWEwNi0zYWI1LTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.adhigh.net/ Name: btw_sync
Value: IYc
.lijit.com/ Name: ljt_reader
Value: 30ca94a4c8fd86775a6cdb2d
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003%22%7D
.w55c.net/ Name: wfivefivec
Value: Hw8hIMKs1MHmrh5
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3c1269d2-6f4c-4623-ac37-b360c8b930a0-003%22%7D
.w55c.net/ Name: matchcasale
Value: 5
.owneriq.net/ Name: si
Value: Q6890177231130174202
.owneriq.net/ Name: p2
Value: cc
.betweendigital.com/ Name: ut
Value: YX9HewALz3DB3igvO0de8USCAq6hBXjcPDUudw==
.bidr.io/ Name: bito
Value: AAKrIU7C_o8AAB7TPZB7vQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.eqads.com/ Name: EQUser
Value: UID=549a5349-4a06-44d3-aec0-8a170b4ebad5
.aidata.io/ Name: __upin
Value: p5wbrxVCjLSGlGWGKNRDog
.aidata.io/ Name: __upints
Value: 1635731323
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YX9HewAAAVArRwBG
.casalemedia.com/ Name: CMST
Value: YX9He2F-R3wA
x01.aidata.io/ Name: adsnpr
Value: 1
.casalemedia.com/ Name: CMRUM3
Value: 58617f477c2760YX9HewAAAVArRwBG&e6617f477b2760&2d617f477b05a0&c4617f477b05a0&28617f477c2760549a5349-4a06-44d3-aec0-8a170b4ebad5&40617f477b2760no-consent&f1617f477b05a0&c3617f477b2760av-a7772fb8-13aa-4e81-9fa1-ebc7de1c0400&2f617f477b2760Hw8hIMKs1MHmrh5&82617f477b2760AAKrIU7C_o8AAB7TPZB7vQ&27617f477b0b40

3 Console Messages

Source Level URL
Text
javascript error URL: https://thetruedefender.com/biden-almost-expelled-from-the-g20-summit-stage-in-rome-he-was-talking-to-himself/
Message:
Access to XMLHttpRequest at 'https://links.services.disqus.com/api/ping' from origin 'https://thetruedefender.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://links.services.disqus.com/api/ping
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
acdn.adnxs.com
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
an.yandex.ru
ap.lijit.com
assetscdn.pushengage.com
bidder.criteo.com
bidswitch-eu.splicky.com
bttrack.com
c.disquscdn.com
c0.wp.com
cache.betweendigital.com
casale-match.dotomi.com
cdn.connectad.io
cdn.jsdelivr.net
cdn.viglink.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cdn4.telesco.pe
clientcdn.pushengage.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.optad360.io
cs.lkqd.net
csync.loopme.me
d.adroll.com
disqus.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
i.connectad.io
i.ytimg.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
inv-nets.admixer.net
links.services.disqus.com
lockerdome.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
ms.quantumdex.io
mug.criteo.com
nep.advangelists.com
onetag-sys.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg.smartadserver.com
px.adhigh.net
px.owneriq.net
referrer.disqus.com
rtb-csync.smartadserver.com
rtb.adpone.com
s.ad.smaato.net
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.gravatar.com
securepubads.g.doubleclick.net
ssp.wp.pl
ssum-sec.casalemedia.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
stats.wp.com
std.wpcdn.pl
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.go.sonobi.com
sync.quantumdex.io
sync.targeting.unrulymedia.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
thetruedefender-com.disqus.com
thetruedefender.com
tlgr.org
token.rubiconproject.com
um2.eqads.com
ups.analytics.yahoo.com
useast.quantumdex.io
users.api.jeeng.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.tns-counter.ru
www.youtube.com
x.bidswitch.net
x01.aidata.io
xn--r1a.website
yt3.ggpht.com
links.services.disqus.com
www.youtube.com
104.111.242.53
104.154.142.214
142.250.185.226
143.204.98.125
143.204.98.22
146.0.227.110
146.20.128.182
147.75.38.124
149.154.164.25
151.101.0.134
151.101.130.49
151.236.71.146
162.55.6.212
168.119.168.202
172.217.18.98
178.162.133.149
178.250.0.157
178.250.2.131
18.157.150.79
18.159.140.98
185.184.8.65
185.64.190.78
185.86.138.144
185.86.139.58
192.0.76.3
192.0.77.2
192.0.77.37
192.132.33.46
193.232.148.142
199.232.196.134
199.232.198.49
2.18.232.130
2.18.233.180
2.18.234.21
2001:6d0:4001::226
212.77.98.32
212.77.99.29
213.19.147.45
216.52.2.39
23.37.42.132
23.79.143.124
2600:9000:2156:5000:6:b871:4f00:93a1
2600:9000:2156:5600:1b:5138:8a40:93a1
2600:9000:2156:6200:a:cbb7:a940:93a1
2600:9000:2156:a00:b:6268:b880:93a1
2600:9000:2156:a600:6:8656:f5c0:93a1
2600:9000:2156:d400:11:a4de:2580:93a1
2606:4700:10::6816:36ce
2606:4700:10::6816:387e
2606:4700:10::ac43:264e
2606:4700:20::681a:842
2606:4700:20::681a:8a9
2606:4700:20::681a:a19
2606:4700:20::681a:bd1
2606:4700::6810:5514
2606:4700::6810:a30d
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2006
2a00:1450:4001:811::200e
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::2016
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c06::9b
2a02:2638::1c
2a02:2638::3
2a02:6b8::90
2a02:fa8:8806:16::1370
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3601:df82:91d9:7297:1e70
3.125.99.7
3.126.56.137
3.127.209.187
3.217.109.237
3.33.220.150
31.172.81.158
31.172.81.172
35.244.159.8
37.252.173.215
51.178.20.139
51.89.9.252
52.16.229.21
52.18.183.31
52.46.154.242
54.174.249.39
54.36.109.156
66.155.71.25
69.173.144.139
72.251.241.196
82.145.213.8
85.114.159.93
88.212.252.22
89.108.119.43
95.216.186.40
0111ef8fb7bab66f02ebb76acf1c20ebff86c7eddef1834b50529d3396410c26
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
02613859f88dc6d2b048d508315456d884816dfccf7647ec58ab10774eb71d24
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
033cdf2b4601b534a053dad43675610131a713d8121cae53cbf761f21f407613
0395cb34995627b7a16ec7e822168737dfd7fee33684c8d85cd5b487f39b3ac0
0428c13ff57781d86804da6cedb692094c3b6d893b241a21f9e8a4205e252b15
043fb8c51a80e4d940ea86a32433b58ded5528d4005b8d97479fcf38b3bd5f44
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09255fc220032ea7ecb474d0b0b6daffccade6134caae15332892691465788f8
0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
0e518e01ed18cb69a308745f4e6efd686e430d64957ca4d3fb686eb699889d18
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f661b180cb5ec06a2458d8be5c013a37abe06a0d446945709010132ca813d15
0fc433d29c75ad01a8b659920e90e0e9cec6a29f64554b294f0b711531e95be0
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14c5e032b8f50fa35a4b25feb81d6e23db74721bbb42d83471aabe2e134a8004
14f7e8767eae2938acc03f4f5935fc659cb90504207b219c13c475e4c102d4dc
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
1fabd9cf5a7cb762fe2d495c5bffeff52affc2b4c4f45d6ad51d82fe64da03d5
2012ff344123f2abe1d29d1851979cb835057f72860a3a347d301ab1f7eb54ad
202cd96978dd79f15c51e076087b0493a118b345aab51117f7d0992bad5a7ddf
206265ae26336f7c89900f764c662ac1e8e33de7b87cb48d5091fd0e110b206d
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2414cfaa22a8bfa4294324bc0e1e9e9fb193a6f310149502eebf0151c81d1c5c
2592b4e46e8af0af3a6d226a426ab1eeff99edd04bc7d064317f0c01717df7fb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2892a779cee25c3a681f6c8d4c779f0e8632741aec6485a87da48000d84b96c5
2a6256a8cda2be6b3467365b05cca0b6e8a7d92ffe60f72f9400f7b86b8e606d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b5304ba90a1201b1aa51bcfe259eba101eeda9c3ef0be5ef6197f1874706091
2c996f42ddaa85cc8c2758d035f9d9cac8ea1f2f8693baf4c16479a6460f4bdf
2dcda7a0ad7fa9d3a2380fc217467ed666b3162e1a875f3a354e7a68ad20e040
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
351d5f12c0976c1728b524817d2c6d49057c798afa91ea32a87076f735fdb15f
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37af7bfb8b71df5cb9f912d0980965340e171692a48ba40928f58c593d5c7e11
37b1fd207790317793e7a625decd6868999d0136dbbed74da32f2fbdd0cd0f5e
38fd2fa1c9bb4724854dc55617ab234182eeca455e3b72fdc9f1e6ddca9ffd1a
3a97df53baadc7f20a3ccd6bb9c6b5fab12ce7efaab6ca0987be6c62489b2dc2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dec177dc170f02a8d94a8c38f30f749ab24a1d16aa891cecd2ccf6c4a120635
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4023d3dc503fbc6a9ccc0d0e06ea42c8cdef5f2ed2415b2c498d40894410719c
4031dea4a8a48b0efd5836f07da70d2f72a3fcd76d50f2d411b3ccec4e980b28
406f8f561a264967c993f7075951301220b809adc5cabc2eb5d834a9119821b0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
4747c28b7d737f1e2ab5f3c66ff87df45d412bc786709b8a880d322c4f40beef
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49cb7f860d83b8c607afffa3e3d16040d88ee9f95e5e1065abc83e750fa19276
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4c797355fdbc5008cb1c2db5648cd47acc0c8f6f92dfac3e6a8e903667761c0f
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
4d99f2c1e6fde96e2c2308b915e4da16aee198a8d8f86b9350676830544b66fa
4dba1e011745c1bec0b32691b466bf85c8972935bdb186a45fc96296136b23d8
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
506fed9cf30ffd83f5c73e8a04a73a3486fea0c108bd1bc70d988614ae7fa092
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5576184f46f1849cc7807498bec4c70ca5ebc23171b04ca8ef61265443728b2c
59274b2a317083b284de199623f83dde26f71623d3c18555d70b9580e6f4943f
597cbe38286e21d62b879f02a00942cc6a162526a6f25144c50448ee402c5963
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240
6a78a0de507129528831483053094ff43ffc594aa43da6c79cf3f06c134520d2
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b305c2db0fd8ece01e42e1d5d918ffe7d40daff5559297e1345a4e440749866
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382
6db623175e53f8a8fbe0dd0b9ef38213bfffab51835c940b2ff705514b3bee9c
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
724734608f337327557662c7222b4a416e467fec061e33588f977a4adf58dae7
7383b553b9c0cf9a720710cc29af301b3e66b69de9d4fbcba8fa3769c5b39253
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
7555f86a33c4dce08fbe536e66411d99700850715859cedf5f1ead70c7114440
76c5af278930130ec960bad13ef702aacf39b6bf8da552eceb8afd437c6b5178
7832129e5e666d4cc05e2dfe7257602b2e092d3a173e494e44a2485fb283594d
7af53d7077c16f6ad9efd63a975749c4835ce6e495c337fa4176f15ed385f80b
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
80b5f56879cce5196b2c10bf238bd7e83df53c26ecf581637249d0ff8c28d770
81d657bcaddad398f9324eb7b82be51e3bb5893d8c3669ca766ee2baa55a2987
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
82e95b02cef8ad794453e841a77c55f92f6c289d44bc3f0ff50b7a3db32c9f04
82ff4455c684dc06d7c2a3531129f7900085f0260c188d67215dc7b9b9d61b5d
831b502b7f9c15c2cd3ee726d68d5e1b0a7637b2fd1c01f190af2cf43c56d902
84d8f388cb532fa03d78de854a9f98fb6ef603fc0775c9c915ef889dedcb41e9
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4ea6812b93a3308a7e267996a9fc880a15c2fa41e9003adfdd7f6ded032f74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
953166db4f8341fa3778411c56de31cb9b8378d78100fb536b485db9882d20fe
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2601ca32610d643f60e5cf25ec5871ea07cdbfdab0012d17cdd9f23c9bd9845
a6c04007ae11cd4a4e63a5ce4f032265d8d4da82a9947767c786f99d0d85cb76
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6
a846027190475a9eb5b551fa377a0d60857db115d88ad60b3e0377fb00dac74a
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4e9fcb86e5a604183b1a6d1590eff2fe041424a5d125cb8aad57b22f042fdf
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94
b03a87f179ef9c572383188c376c2aba16eef1c429f91cffb5e670f77b55a995
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27e0fd58dabc8c58c7944cfda0a7fcdefcab27547fbe4d939b27d93af483ca2
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc906ccf37ead40bd23d581b6baecced40627d81810e3cab81edd703d61b5518
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172
bf72ba0b566ecbe65620ed97fdaef5efae0a235f48d845a25a33888a4e47ef84
bf7cf40cac4303c84fe1f2023fd8905b9b6e91fc6d37d1b50d12acd3e418ad5d
c0c3fbbc9f124fcd13db136627470ef5deb4f956c05456e0c294c85e4b9916c3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c3d8f1101a790ab1233144c17ffcd9e31d648cd90a92cd96fafe64522b1916e0
c473a2b5a7895fff511ea06f4455362e3f3ad30699564b79e3c4413dfcfdab01
c6811ace8dcadada9d9969a950eaaeda6ebc9fdd3e3a045392bf2705579c6aaa
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cde2f59f96d0942bb5b2e7f286a46b73fc392caefb9c037c6e631c522c8e1dcb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12fa4b5546986e4184d7f9872c134261ebbeb00fff580e38c3fe21d5769c6a0
d2b435a3903298990f107305f0c581fb1b2f24a6c9f2b152c50d08af5b013912
d417d2cfe4b97e101cd920fa2fbe54b69664c398ea013e8f1ce20428eb0449cc
d436a11fef6a32350946d3e8979a698e63213a0449bdccc01fac1be1a814ef7f
d712796d188539ac294a0dd7a2d0b2770cbaca32d836863fd2565e6b39ae5f52
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
dce64d173726d9f24dd1d5569d96f069efec0a8a10c1343e8e80626cf185e5f1
dd7c2679c9cfa6b04a5599f2b379e62760791546dd02d58b35ee5187246d63f2
dde8d8d5c56eb93e433b3b333cb6cbab4e98448622c6738f28264f66657164df
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de8518c6a3c7a5a8b6e555bc47c7d74b1370986672fc880ef09143f570abe7ef
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45a511788ede5bd47b30b972566d77da2c4d38c7ea797912f0566a6f5f69296
e4a467f338cd040cbc2d95708a69495f6fbc9050fb1b7cc8fe4763f468d6992a
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e7dba4ee9a220e14aabe7ad5cbc5333313e1aea2f07091673f0e42dc405858aa
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e856293f0bfd6bee2a808701afc266d9b70995c66fed88a78583a304c1a67a2c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9020c4c53ca9b85fff4e05ef42fbc1d0004cf8c2eb78fc98b0c8b7dc1d1bf79
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3a7f51da6149b03e0bf9d19c2299740475661a044954fc56fdcc9244d8c4d6d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
f6d836acd1e04a5a600e876f874a681d1590b961b051390c62b61fe6d8570f0b
f78153738f18a6d1b3f7311bf1bc17a3970238802f5a3a07cfed3e95a1bcaa4c
f7d50018e8f90fed92e85b97dd6f8f6294c488c7de11ee92bec3923dbe692d4e
f84c61e99a5aad0342783ba8276421b954977e38b383aa6f2e41bebb12c3f6c1
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c
ffb35efd480af56d9f533db9624e16256a9ffe66621e6d34fb8689510d70381a