thetruedefender.com Open in urlscan Pro
104.26.9.66 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Submission: On October 30 via api (October 30th 2021, 5:58:26 am UTC) from US — Scanned from DE

Summary HTTP 475 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 95 IPs in 15 countries across 92 domains to perform 475 HTTP transactions. The main IP is 104.26.9.66, located in United States and belongs to CLOUDFLARENET, US. The main domain is thetruedefender.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 5th 2021. Valid for: a year.

This is the only time thetruedefender.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	104.26.9.66 104.26.9.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.119 143.204.98.119	16509 (AMAZON-02) (AMAZON-02)
2	18.66.139.98 18.66.139.98	16509 (AMAZON-02) (AMAZON-02)
4	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	142.250.185.200 142.250.185.200	15169 (GOOGLE) (GOOGLE)
4	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
7	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
2	104.22.57.174 104.22.57.174	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.98.115 143.204.98.115	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
10	143.204.98.58 143.204.98.58	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	143.204.98.17 143.204.98.17	16509 (AMAZON-02) (AMAZON-02)
3	169.55.146.12 169.55.146.12	36351 (SOFTLAYER) (SOFTLAYER)
12	95.216.186.40 95.216.186.40	24940 (HETZNER-AS) (HETZNER-AS)
8	104.26.7.35 104.26.7.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
2	104.16.86.20 104.16.86.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
2	104.26.8.169 104.26.8.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
2	104.26.10.25 104.26.10.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 66	104.22.57.126 104.22.57.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.22.54.206 104.22.54.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11 32	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
5	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
5	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	185.86.139.96 185.86.139.96	201081 (SMARTADSE...) (SMARTADSERVER)
1 16	188.42.29.196 188.42.29.196	7979 (SERVERS-COM) (SERVERS-COM)
15	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	192.0.73.2 192.0.73.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
24	149.154.165.133 149.154.165.133	62041 (TELEGRAM) (TELEGRAM)
15	143.204.98.83 143.204.98.83	16509 (AMAZON-02) (AMAZON-02)
4	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
1	13.224.193.64 13.224.193.64	16509 (AMAZON-02) (AMAZON-02)
2	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2 6	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.16.186.107 2.16.186.107	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.187.169.39 89.187.169.39	60068 (CDN77 ^_^) (CDN77 ^_^)
2	151.101.65.26 151.101.65.26	54113 (FASTLY) (FASTLY)
2	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
3	192.187.114.18 192.187.114.18	33387 (NOCIX) (NOCIX)
2	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
3	66.102.1.156 66.102.1.156	15169 (GOOGLE) (GOOGLE)
1	2.16.186.82 2.16.186.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	185.86.139.59 185.86.139.59	201081 (SMARTADSE...) (SMARTADSERVER)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	199.232.194.49 199.232.194.49	54113 (FASTLY) (FASTLY)
2 8	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
12	34.248.176.243 34.248.176.243	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.2.130 178.250.2.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.16.160.13 104.16.160.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	93.159.228.11 93.159.228.11	200107 (KL-EXT) (KL-EXT)
1	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2.21.141.148 2.21.141.148	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
5	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
8 10	18.157.70.90 18.157.70.90	16509 (AMAZON-02) (AMAZON-02)
1 2	52.50.110.98 52.50.110.98	16509 (AMAZON-02) (AMAZON-02)
2 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 2	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
2 2	193.232.148.143 193.232.148.143	48061 (UMA-TECH-AS) (UMA-TECH-AS)
11 11	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
4 5	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	151.236.71.146 151.236.71.146	204720 (CDNETWORKS) (CDNETWORKS)
14 15	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
10	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
10 10	35.157.177.200 35.157.177.200	16509 (AMAZON-02) (AMAZON-02)
5 5	18.157.150.79 18.157.150.79	16509 (AMAZON-02) (AMAZON-02)
15 15	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
12 16	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 8	51.89.42.86 51.89.42.86	16276 (OVH) (OVH)
5 5	146.20.128.151 146.20.128.151	27357 (RACKSPACE) (RACKSPACE)
8 33	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
23 23	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4 8	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
4 4	51.178.20.139 51.178.20.139	16276 (OVH) (OVH)
1	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 5	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
6 7	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	3.126.16.11 3.126.16.11	16509 (AMAZON-02) (AMAZON-02)
1 3	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1	3.222.216.135 3.222.216.135	14618 (AMAZON-AES) (AMAZON-AES)
1	104.26.11.209 104.26.11.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.241.40.233 35.241.40.233	() ()
1 1	157.90.167.185 157.90.167.185	24940 (HETZNER-AS) (HETZNER-AS)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
9	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
6 7	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1 1	91.228.74.134 91.228.74.134	16509 (AMAZON-02) (AMAZON-02)
2 2	52.49.238.187 52.49.238.187	16509 (AMAZON-02) (AMAZON-02)
1 1	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1 1	89.207.16.137 89.207.16.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	3.228.229.208 3.228.229.208	14618 (AMAZON-AES) (AMAZON-AES)
1 1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 2	194.226.130.228 194.226.130.228	52016 (TNSMSK-) (TNSMSK-)
1 1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1	195.244.31.11 195.244.31.11	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
1 2	77.88.21.90 77.88.21.90	() ()
1	82.145.213.8 82.145.213.8	() ()
475	95

33 104.26.9.66 (United States)

ASN13335 (CLOUDFLARENET, US)

thetruedefender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-119.fra50.r.cloudfront.net

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.139.98 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.57.174 (United States)

ASN13335 (CLOUDFLARENET, US)

users.api.jeeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.115 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 143.204.98.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-58.fra50.r.cloudfront.net

cdn1.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.17 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-17.fra50.r.cloudfront.net

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.55.146.12 (United States)

ASN36351 (SOFTLAYER, US)
PTR: c.92.37a9.ip4.static.sl-reverse.com

rumble.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 95.216.186.40 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.40.186.216.95.clients.your-server.de

xn--r1a.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tlgr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.26.7.35 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

thetruedefender-com.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.86.20 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.154.142.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.8.169 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 212.77.99.29 (Gdańsk, Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.10.25 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 104.22.57.126 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.22.54.206 (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 37.252.172.37 (Ascension Island) 11 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.184.8.65 (Poland)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 188.42.29.196 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 51.89.9.252 (Germany)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 149.154.165.133 (United Kingdom)

ASN62041 (TELEGRAM, VG)

cdn4.telesco.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 143.204.98.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-83.fra50.r.cloudfront.net

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.64 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-64.fra2.r.cloudfront.net

assetscdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

sp.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.92.74.8 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.107 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-107.deploy.static.akamaitechnologies.com

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.19.94 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-39.cdn77.com

static-3.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.26 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.187.114.18 (Kansas City, United States)

ASN33387 (NOCIX, US)

seed125.bitchute.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.39.36.141 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.82 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-82.deploy.static.akamaitechnologies.com

apps.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)

itx4.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.63.52.121 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad20.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.248.176.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.160.13 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.131.235 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.159.228.11 (Russian Federation)

ASN200107 (KL-EXT, RU)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.141.148 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-148.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.138.142 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.45 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.157.70.90 (United States) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-70-90.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.110.98 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-110-98.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.151 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.77.98.32 (Gdańsk, Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.143 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp4.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.52.2.30 (United States) 11 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.159 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.71.146 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 3.126.56.137 (Frankfurt am Main, Germany) 14 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.157.177.200 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-177-200.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.157.150.79 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-150-79.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 213.19.147.44 (United Kingdom) 15 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.223.40.198 (Seattle, United States) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.89.42.86 (Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: p26.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.20.128.151 (San Antonio, United States) 5 redirects

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2.21.141.232 (Ascension Island) 8 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.186.130 (United States) 23 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 209.54.177.54 (Osaka, Japan) 4 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.178.20.139 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.3.29 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.66.49 (United States) 6 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.16.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-16-11.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.216.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-216-135.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.209 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (None, ) 1 redirects

ASN- ()

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.167.185 (United States) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.185.167.90.157.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Ascension Island) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.245 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (Norway) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.122.214.165 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.134 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.238.187 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.155 (Netherlands) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.207.16.137 (Sweden) 1 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-usadmm.dotomi.com

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.229.208 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-229-208.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Southampton, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.226.130.228 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France) 1 redirects

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)

visitor-usa02.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.88.21.90 (None, ) 1 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, )

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	quantumdex.io 5 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	10 KB
39	adnxs.com 12 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	113 KB
33	casalemedia.com 8 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	36 KB
33	thetruedefender.com thetruedefender.com	415 KB
29	doubleclick.net 23 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	200 KB
24	telesco.pe cdn4.telesco.pe	1 MB
18	pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	47 KB
17	yahoo.com 15 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	15 KB
17	betweendigital.com 1 redirects ads.betweendigital.com cache.betweendigital.com	10 KB
16	adsrvr.org 12 redirects match.adsrvr.org	7 KB
16	disquscdn.com c.disquscdn.com a.disquscdn.com	547 KB
15	onetag-sys.com onetag-sys.com	9 KB
13	wp.com i0.wp.com c0.wp.com stats.wp.com i1.wp.com pixel.wp.com i2.wp.com	151 KB
12	mediamathtag.com s.update.mediamathtag.com	53 KB
12	smartadserver.com prg.smartadserver.com itx4.smartadserver.com www8.smartadserver.com rtb-csync.smartadserver.com	16 KB
12	bitchute.com www.bitchute.com static-3.bitchute.com seed125.bitchute.com	3 MB
11	lijit.com 11 redirects ap.lijit.com	6 KB
11	criteo.com 2 redirects bidder.criteo.com gum.criteo.com dis.criteo.com	8 KB
11	connectad.io i.connectad.io cdn.connectad.io sync-eu.connectad.io	5 KB
11	lockerdomecdn.com cdn1.lockerdomecdn.com cdn2.lockerdomecdn.com	149 KB
10	1rx.io 10 redirects sync.1rx.io	6 KB
10	advertising.com 10 redirects pixel.advertising.com	3 KB
10	sonobi.com sync.go.sonobi.com	5 KB
10	bidswitch.net 8 redirects x.bidswitch.net	4 KB
10	tlgr.org tlgr.org	115 KB
10	wp.pl ssp.wp.pl	2 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com	5 KB
8	id5-sync.com 3 redirects id5-sync.com	10 KB
8	ad-srv.net 2 redirects ad.ad-srv.net ad20.ad-srv.net	7 KB
8	rubiconproject.com 2 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	22 KB
8	disqus.com thetruedefender-com.disqus.com disqus.com referrer.disqus.com links.services.disqus.com Failed	62 KB
7	eyeota.net 6 redirects ps.eyeota.net	4 KB
7	everesttech.net 6 redirects sync-tm.everesttech.net	2 KB
7	mathtag.com 3 redirects tags.mathtag.com pixel.mathtag.com sync.mathtag.com	5 KB
5	adform.net 3 redirects c1.adform.net	2 KB
5	lkqd.net 5 redirects cs.lkqd.net	2 KB
5	unrulymedia.com 5 redirects sync.targeting.unrulymedia.com	2 KB
5	sharethrough.com 5 redirects match.sharethrough.com	940 B
5	bumlam.com 4 redirects sync.bumlam.com	2 KB
5	wpcdn.pl std.wpcdn.pl	136 KB
5	a-mo.net prebid.a-mo.net	270 B
5	creativecdn.com prebid-eu.creativecdn.com	905 B
4	dyntrk.com 4 redirects gu.dyntrk.com	2 KB
4	google-analytics.com www.google-analytics.com	40 KB
3	simpli.fi 1 redirects um.simpli.fi	1 KB
3	turn.com 3 redirects ad.turn.com d.turn.com	1 KB
3	cloudflare.com cdnjs.cloudflare.com	58 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	314 KB
3	lockerdome.com lockerdome.com	46 KB
3	rumble.com rumble.com	32 KB
3	pushengage.com clientcdn.pushengage.com assetscdn.pushengage.com	26 KB
3	optad360.io cmp.optad360.io get.optad360.io	232 KB
2	yandex.ru 1 redirects an.yandex.ru	673 B
2	omnitagjs.com 1 redirects visitor.omnitagjs.com visitor-usa02.omnitagjs.com	719 B
2	tns-counter.ru 1 redirects www.tns-counter.ru	707 B
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	onaudience.com 2 redirects pixel.onaudience.com	791 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	adhigh.net 2 redirects px.adhigh.net	821 B
2	admedo.com 2 redirects pool.admedo.com	717 B
2	awin1.com 1 redirects www.awin1.com	1 KB
2	contentspread.net cdn.contentspread.net	2 KB
2	viglink.com cdn.viglink.com	533 B
2	criteo.net static.criteo.net	54 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	polyfill.io cdn.polyfill.io	2 KB
2	sascdn.com ced-ns.sascdn.com apps.sascdn.com	11 KB
2	rmbl.ws sp.rmbl.ws	56 KB
2	adpone.com rtb.adpone.com	2 KB
2	4dex.io script.4dex.io	23 KB
2	jsdelivr.net cdn.jsdelivr.net	34 KB
2	xn--r1a.website xn--r1a.website	18 KB
2	jeeng.com users.api.jeeng.com	120 KB
1	opera.com t.adx.opera.com	410 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	299 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	373 B
1	dotomi.com 1 redirects casale-match.dotomi.com	187 B
1	adotmob.com 1 redirects sync.adotmob.com	307 B
1	quantserve.com 1 redirects pixel.quantserve.com	542 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	221 B
1	brand-display.com 1 redirects dmp.brand-display.com	317 B
1	ad4m.at ad4m.at
1	adentifi.com rtb.adentifi.com	88 B
1	adgrx.com cm.adgrx.com	408 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	487 B
1	kaspersky.com media.kaspersky.com	62 KB
1	2mdn.net s0.2mdn.net	17 KB
1	gravatar.com secure.gravatar.com	39 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
475	92

	Domain	Requested by
56	sync.quantumdex.io	get.optad360.io sync.quantumdex.io ssum-sec.casalemedia.com ads.pubmatic.com
33	thetruedefender.com	thetruedefender.com
32	ib.adnxs.com	11 redirects get.optad360.io acdn.adnxs.com ssum-sec.casalemedia.com
24	cdn4.telesco.pe	xn--r1a.website thetruedefender.com
23	cm.g.doubleclick.net	23 redirects
18	dsum-sec.casalemedia.com	4 redirects ssum-sec.casalemedia.com
16	match.adsrvr.org	12 redirects ssum-sec.casalemedia.com
16	ads.betweendigital.com	1 redirects get.optad360.io ads.betweendigital.com
15	ups.analytics.yahoo.com	14 redirects ssum-sec.casalemedia.com
15	c.disquscdn.com	thetruedefender-com.disqus.com disqus.com c.disquscdn.com
15	onetag-sys.com	get.optad360.io thetruedefender.com sync.quantumdex.io cache.betweendigital.com
13	ssum-sec.casalemedia.com	4 redirects sync.quantumdex.io ssum-sec.casalemedia.com
12	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
11	ap.lijit.com	11 redirects
10	sync.1rx.io	10 redirects
10	pixel.advertising.com	10 redirects
10	sync.go.sonobi.com	sync.quantumdex.io
10	x.bidswitch.net	8 redirects ssum-sec.casalemedia.com
10	tlgr.org	xn--r1a.website
10	ssp.wp.pl	get.optad360.io
10	cdn1.lockerdomecdn.com	thetruedefender.com cdn1.lockerdomecdn.com lockerdome.com
8	s.amazon-adsystem.com	4 redirects ssum-sec.casalemedia.com
8	id5-sync.com	3 redirects sync.quantumdex.io
8	www.bitchute.com	thetruedefender.com www.bitchute.com cdnjs.cloudflare.com
7	ps.eyeota.net	6 redirects ads.pubmatic.com
7	sync-tm.everesttech.net	6 redirects ssum-sec.casalemedia.com
7	c0.wp.com	thetruedefender.com
6	ads.pubmatic.com	sync.quantumdex.io ads.pubmatic.com
5	image2.pubmatic.com	ads.pubmatic.com
5	c1.adform.net	3 redirects ssum-sec.casalemedia.com ads.pubmatic.com
5	cs.lkqd.net	5 redirects
5	sync.targeting.unrulymedia.com	5 redirects
5	match.sharethrough.com	5 redirects
5	ms.quantumdex.io	5 redirects
5	sync.bumlam.com	4 redirects thetruedefender.com
5	std.wpcdn.pl	ssp.wp.pl
5	rtb-csync.smartadserver.com	thetruedefender.com
5	acdn.adnxs.com	get.optad360.io
5	cdn.connectad.io	get.optad360.io
5	prg.smartadserver.com	get.optad360.io
5	bidder.criteo.com	get.optad360.io
5	prebid.a-mo.net	get.optad360.io
5	prebid-eu.creativecdn.com	get.optad360.io
5	i.connectad.io	get.optad360.io
5	useast.quantumdex.io	get.optad360.io
4	simage2.pubmatic.com	ads.pubmatic.com
4	gu.dyntrk.com	4 redirects
4	gum.criteo.com	get.optad360.io static.criteo.net gum.criteo.com
4	ad20.ad-srv.net	ad.ad-srv.net
4	ad.ad-srv.net	2 redirects thetruedefender.com ad.ad-srv.net
4	eus.rubiconproject.com	thetruedefender.com eus.rubiconproject.com cache.betweendigital.com
4	disqus.com	thetruedefender-com.disqus.com c.disquscdn.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com rumble.com
3	sync.mathtag.com	3 redirects
3	um.simpli.fi	1 redirects ssum-sec.casalemedia.com ads.pubmatic.com
3	tags.mathtag.com	ced-ns.sascdn.com thetruedefender.com
3	stats.g.doubleclick.net	lockerdome.com
3	seed125.bitchute.com	www.bitchute.com
3	cdnjs.cloudflare.com	www.bitchute.com
3	lockerdome.com	cdn2.lockerdomecdn.com
3	rumble.com	thetruedefender.com rumble.com
3	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
2	an.yandex.ru	1 redirects thetruedefender.com
2	www.tns-counter.ru	1 redirects thetruedefender.com
2	x01.aidata.io	2 redirects
2	match.prod.bidr.io	2 redirects
2	pixel.onaudience.com	2 redirects
2	d5p.de17a.com	2 redirects
2	dsum.casalemedia.com	ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	sync3.adsniper.ru	2 redirects
2	px.adhigh.net	2 redirects
2	pool.admedo.com	2 redirects
2	dis.criteo.com	2 redirects
2	ad.turn.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	secure.adnxs.com	1 redirects ssum-sec.casalemedia.com
2	www.awin1.com	1 redirects ad.ad-srv.net
2	cdn.contentspread.net	ad.ad-srv.net
2	cdn.viglink.com	thetruedefender.com
2	static.criteo.net	get.optad360.io static.criteo.net
2	referrer.disqus.com	c.disquscdn.com thetruedefender.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	fonts.gstatic.com	fonts.googleapis.com
2	imasdk.googleapis.com	rumble.com imasdk.googleapis.com
2	cdn.polyfill.io	www.bitchute.com
2	secure-assets.rubiconproject.com	2 redirects
2	sp.rmbl.ws	rumble.com
2	rtb.adpone.com	get.optad360.io
2	script.4dex.io	get.optad360.io script.4dex.io
2	cdn.jsdelivr.net	get.optad360.io www.bitchute.com
2	thetruedefender-com.disqus.com	thetruedefender.com
2	xn--r1a.website	thetruedefender.com tlgr.org
2	clientcdn.pushengage.com	thetruedefender.com clientcdn.pushengage.com
2	users.api.jeeng.com	thetruedefender.com users.api.jeeng.com
2	i0.wp.com	thetruedefender.com
2	get.optad360.io	thetruedefender.com get.optad360.io
1	simage4.pubmatic.com	ads.pubmatic.com
1	t.adx.opera.com	thetruedefender.com
1	visitor-usa02.omnitagjs.com	thetruedefender.com
1	visitor.omnitagjs.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	beacon.lynx.cognitivlabs.com	1 redirects
1	casale-match.dotomi.com	1 redirects
1	sync.adotmob.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	d.turn.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	bidswitch-eu.splicky.com	1 redirects
1	dmp.brand-display.com	1 redirects
1	ad4m.at	ssum-sec.casalemedia.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	sync-eu.connectad.io	cdn.connectad.io
1	cache.betweendigital.com	ads.betweendigital.com
1	dsp.adfarm1.adition.com	1 redirects
1	www8.smartadserver.com	thetruedefender.com
1	media.kaspersky.com	ad.ad-srv.net
1	pixel.mathtag.com	thetruedefender.com
1	a.disquscdn.com	thetruedefender.com
1	itx4.smartadserver.com	ced-ns.sascdn.com
1	apps.sascdn.com	ced-ns.sascdn.com
1	s0.2mdn.net	imasdk.googleapis.com
1	static-3.bitchute.com	www.bitchute.com
1	ced-ns.sascdn.com	thetruedefender.com
1	assetscdn.pushengage.com	thetruedefender.com
1	fonts.googleapis.com	xn--r1a.website
1	i2.wp.com	thetruedefender.com
1	secure.gravatar.com	thetruedefender.com
1	pixel.wp.com	thetruedefender.com
1	i1.wp.com	thetruedefender.com
1	cdn2.lockerdomecdn.com	thetruedefender.com
1	stats.wp.com	thetruedefender.com
1	www.googletagmanager.com	thetruedefender.com
1	cmp.optad360.io	thetruedefender.com
0	links.services.disqus.com Failed	c.disquscdn.com
475	137

This site contains links to these domains. Also see Links.

Domain
rumble.com
t.me
www.facebook.com
twitter.com
www.linkedin.com
www.tumblr.com
pinterest.com
reddit.com
vk.com
connect.ok.ru
getpocket.com
beforeitsnews.com
www.bitchute.com
api.whatsapp.com
telegram.me
lockerdome.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-05` - `2022-01-04`	a year	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
jeeng.com Cloudflare Inc ECC CA-3	`2021-09-13` - `2022-09-12`	a year	crt.sh
*.pushengage.com Amazon	`2021-01-27` - `2022-02-24`	a year	crt.sh
*.lockerdomecdn.com Amazon	`2021-02-24` - `2022-03-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.rumble.com DigiCert SHA2 Secure Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
xn--r1a.website R3	`2021-10-28` - `2022-01-26`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2021-09-27` - `2022-10-29`	a year	crt.sh
*.wp.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-05` - `2022-03-14`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-06` - `2022-02-16`	2 years	crt.sh
onetag-sys.com R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tlgr.org R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.telesco.pe Go Daddy Secure Certificate Authority - G2	`2020-03-10` - `2022-04-13`	2 years	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
sp.rmbl.ws R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
static-3.bitchute.com R3	`2021-10-20` - `2022-01-18`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.bitchute.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-01` - `2022-03-01`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
ad-srv.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
update.mediamathtag.com R3	`2021-10-27` - `2022-01-25`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-12` - `2022-06-30`	a year	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.wpcdn.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-14` - `2022-05-15`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-10`	a year	crt.sh

This page contains 77 frames:

Primary Page: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Frame ID: 64A760BE2AEA79711F4F5F13D12D89EF
Requests: 145 HTTP requests in this frame

Frame: https://rumble.com/embed/vloy5t/?pub=4
Frame ID: 9E03DA4D65371CD20028BA1CB8A989BB
Requests: 8 HTTP requests in this frame

Frame: https://xn--r1a.website/s/TheTrueDefender
Frame ID: BD2CF02F8B04AF2D6F9AD6609424CB11
Requests: 41 HTTP requests in this frame

Frame: https://www.bitchute.com/embed/vfV71S3H1YRi/
Frame ID: 5F6AAF375900AB86CB581307F424A8A5
Requests: 18 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: A810B0153FD2208DA2558E3BE34F909C
Requests: 6 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Frame ID: 9AB0030D3AC7093E8D8FFD1D42E41204
Requests: 14 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Frame ID: A19B4F7854051E099A329A365E6AA280
Requests: 2 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default
Frame ID: C7473483641428ADCF924DF0B43FA77D
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: DFD1B264D27891958AF76953CA47C79B
Requests: 3 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: EDB9E50AAA77BE20AF48291B0AEC9A1A
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html
Frame ID: 8C52F6A5F0E6B0821D788AC60F49A65C
Requests: 1 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22449904201728267803%22%2c%22adomain%22%3a%22kaspersky.de%22%2c%22page%22%3a%221366485%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%227515751%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2213088%22%2c%22cid%22%3a%22746345%22%2c%22adid%22%3a%227515751%22%2c%22hash%22%3a%228688035902788523009%22%7d
Frame ID: 022A17D52693797E69B3EB3E4BEFF2C1
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvWm1VNVpqYzFPR0l0TlRKbU1pMWlZbVpoTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3NTYxMDE3ODMwNzk3MTc4NjIvNzUxNTc1MS81NjM3MjU0LzM5L1FkTjZKNzZubEx6NWE0YVdac2lYZ0RFX0VUa0pqMWxYNGVBUkFUd1FiVlEvMS8xMDAwLzAvMC8xMTgzNDc3LzM2MzI0OTIzMDkvMjM0NDk1Lzc0NjM0NS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8xMDQvNDIwODQ5LzAvMC8yNzU2MTAxNzgzMDc5NzE3ODYyL3pyaC8wLzIwMDYvMzMvOTk5LzMyMi8yMTYuMTMxLjExMS4wLzAuMDAwLzE2MzU1NzM0OTYvMTYzNTU4NjA5Ni8xMDAwLzIwNzkv/8d3NMb0GyLnCxtCu5tLGefRngw8&nodeid=2636&group=zrh&auctionid=2756101783079717862&shardkey=2756101783079717862&sid=5637254&cid=7515751&price=0.036549&bp=a_adgfej&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.67
Frame ID: A65BDD873E4C7C2D68F09431A56FFD52
Requests: 18 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_cid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_2756101783079717862&random=2756101783079717862&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Frame ID: 0938830BF0F2B05CC9A05339A7DA136F
Requests: 5 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 9F6FA93B0B6AABA5314777705C0F7F31
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 1D064C8946C793572BEF8EDABB5ED4EB
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=9bda091792derQTbIfj57zqhZIENdE85NeW24OhUOoIQJooIfRoLf3ktDy6YTRPOAQh7EkcctjOtPTpqTV9SbNXYRc7U16sfY8AIibEW_MT8B_62W6vxBIycaXYUoZXm1TifNWhIO6HyxbTCw3fA4diogBm1dh4uL-TZNCqaKb3A_EZHGy0HbgIJ2z8rCGjW27uve045y-CEZRwNXR8wATNr&subid=61411000026638401319921011763020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpzfnpzvdzzelva7%3Ftprde%3D&uidRedirect=1
Frame ID: 3FCC99368C9335B6E1739549D0B2FF92
Requests: 6 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=1&pref1=85361200026638601649445011763020
Frame ID: 38CD57CB4F38A3AD49404547AD3A12E9
Requests: 1 HTTP requests in this frame

Frame: blob://https://thetruedefender.com/3dfe0b25-666f-410e-b35c-22c3639a58a2
Frame ID: A5D9EC24808C532E983173E120270A8C
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 784F9244187FAA04E15042C03C9AB761
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 77E2F62DA631EF381B009452725363CC
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635573496177
Frame ID: 2EAF44D9F89ECAF92C2D7D3E55E03371
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: E79CA53212615B943B86FC645B3C4F01
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 166B2B8CDD1ED7056FE8C77F027ACA97
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635573496216
Frame ID: 5789BBC2CD38697468F1D014C728B565
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0F055959463BCB4A900D6D215B9BD316
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 5B27317C880033EF913031DF3CCBFB0A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: F9D0A3BE00FB83F57EED07DB70671FC7
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 767AF984C032C426B234EE6D5FA94BEA
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0CE13B0B0E109CB8DCB3C99F616C9661
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1635573496177
Frame ID: 97027AA369CA2385D2658DB0E04898C0
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 0E7AAFACF8F0F15E6414463A9450A4B9
Requests: 12 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: 57CA17BDCAD0E393C0E3E9EE7157BBEB
Requests: 12 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 41A4C2547234ADE62E408DF7E9D2CEE2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DDBDAE4B812C2DF1D8C7B4249C856863
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 52AD1C83CB2AF126DFE6F9AF498688B9
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: DFE6E0647743346EB2A773207F9F236B
Requests: 12 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: A1007C9794352F9416F2ECCE26C46679
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 4C2D617993F4653C61EEA6050A26F30A
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: F161CB09FFAC5B936FF3241B0CF51465
Requests: 12 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: AC8794CE21423ED4FFA45C30756D11E9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F701234797C92302F29E33C9C9D4C0DB
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 35AD9A1F08803AD9F3E9868EB4933132
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: BFE6944916AA9F048A07ADFFE659A5C3
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 4BE7ED4FD6F9749C0FB91A1450206393
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: D449C42710EBE1A208ADE575592E9E69
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: B42B22298736130C7F5A23294FED73E3
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: D8CB11AB5036048DB8C65B9ED406DBCB
Requests: 2 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=05273810-3907-512f-8ea2-2fa6efdef15e&CACHEBUSTER=71237
Frame ID: 3B722AE7F28AB6F6DDDD3BE53E46072C
Requests: 7 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 53B710AC14DB6F4F201147669D3D7ED1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 7B6581CE6B3291599E0802704D138DDC
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 8D50AA085825FEE1C3433600ADEDF85B
Requests: 14 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 21C407AF1F9850240365BDDF5F48A401
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: B8F49074CEECD5980282CE70660BC5A3
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 7CEF77BEC930F1EEA96479A4E0DACE69
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 5A9C089DD5474A2E5A3932F2E402FDEE
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: BCBAD2900A2348640593F66F08806187
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 6A1B1FE2AC9A3C295AC539D97A049A2E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 57BCDD8818037420640C0A476EA8CA04
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: A821475E8CCB27368FE20FF2A3DCCBAA
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 4F0596F138BEBEBA8A745D4056BD058B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 525D30ED6F918BA06CCBC645D6C44FE1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 497D5CDD0814CCDB5C06D5AFE978E0C9
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Frame ID: 6B19D7950F234FDDEAB54BA39D8F2137
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 98559F0E4262AEE1132F6E88D33E6D4C
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 190BDDDB948EA6C361E9F76A9D4FE1E2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: E266F28FA1649A31474788F5AD76C42E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 75C42055D32DD2C227E411F2D6184D89
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: C3539818BA3C416EBB01D47FD7D8E4F9
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: CAD60EAE4EC071A42D5F17E721F79A72
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ADF93C57-F871-4579-9A73-551DAC73099F
Frame ID: 6DF94F023FCD646FF75DD9172B8A52E9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2102099676820377009
Frame ID: A4DB6425516C993CEE95705F2C0D8C41
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: F6151A831DBB64D8C06EC52D08F74B57
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=ADF93C57-F871-4579-9A73-551DAC73099F
Frame ID: EF7FC5B8050994CC1DFBD3B35C3DCAF3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 00DF5FE9F6C965D32A60F05DCC915F63
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 845E64AE498B60223507AD48E6BF5144
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com
Frame ID: 0F170C094FD597757E59544700DABF22
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Durham Targets Obama And Hillary | Children Crimes | $2.3 Billion Tax Fraud| 650,000 Clinton Emails! - The True Defender !

Page Statistics

475
Requests

79 %
HTTPS

0 %
IPv6

92
Domains

137
Subdomains

95
IPs

15
Countries

7277 kB
Transfer

15521 kB
Size

116
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://rumble.com/c/ConservativeMedia
Title: Rumble

Search URL Search Domain Scan URL

URL: https://t.me/TheTrueDefender
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails%21&url=https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/&title=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails%21
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/&name=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails%21
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/&description=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails%21&media=https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/10/trump_russia_probe_prosecutor_08539.jpg_2021.10.21-2021.i.1634865728.4-scaled.jpg?fit=2560%2C2129&ssl=1
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/&title=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails%21
Title: Reddit

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Title: VKontakte

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/dk?st.cmd=WidgetSharePreview&st.shareUrl=https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/&description=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails%21&media=https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/10/trump_russia_probe_prosecutor_08539.jpg_2021.10.21-2021.i.1634865728.4-scaled.jpg?fit=2560%2C2129&ssl=1
Title: Odnoklassniki

Search URL Search Domain Scan URL

URL: https://getpocket.com/save?title=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails%21&url=https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Title: Pocket

Search URL Search Domain Scan URL

URL: https://rumble.com/vob4aj-durham-probe-targets-obama-and-hillary-crimes-against-children-2.5b-tax-fra.html
Title: Rumble

Search URL Search Domain Scan URL

URL: https://beforeitsnews.com/alternative/2021/10/durham-probe-targets-obama-hillary-crimes-against-children-2-5b-tax-fraud-650000-more-emails-3760658.html
Title: Before It's News

Search URL Search Domain Scan URL

URL: https://www.bitchute.com/video/vfV71S3H1YRi/
Title: Bitchute

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails%21%20https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/&text=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails%21
Title: Telegram

Search URL Search Domain Scan URL

URL: https://lockerdome.com/roi
Title: Promoted

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 240

https://ad.ad-srv.net/request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_cid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_2756101783079717862&random=2756101783079717862&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com HTTP 302
https://ad.ad-srv.net/request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_cid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_2756101783079717862&random=2756101783079717862&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1

Request Chain 258

https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=9bda091792derQTbIfj57zqhZIENdE85NeW24OhUOoIQJooIfRoLf3ktDy6YTRPOAQh7EkcctjOtPTpqTV9SbNXYRc7U16sfY8AIibEW_MT8B_62W6vxBIycaXYUoZXm1TifNWhIO6HyxbTCw3fA4diogBm1dh4uL-TZNCqaKb3A_EZHGy0HbgIJ2z8rCGjW27uve045y-CEZRwNXR8wATNr&subid=61411000026638401319921011763020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpzfnpzvdzzelva7%3Ftprde%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=9bda091792derQTbIfj57zqhZIENdE85NeW24OhUOoIQJooIfRoLf3ktDy6YTRPOAQh7EkcctjOtPTpqTV9SbNXYRc7U16sfY8AIibEW_MT8B_62W6vxBIycaXYUoZXm1TifNWhIO6HyxbTCw3fA4diogBm1dh4uL-TZNCqaKb3A_EZHGy0HbgIJ2z8rCGjW27uve045y-CEZRwNXR8wATNr&subid=61411000026638401319921011763020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpzfnpzvdzzelva7%3Ftprde%3D&uidRedirect=1

Request Chain 263

https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=0&pref1=85361200026638601649445011763020 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg

Request Chain 311

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7024734688416168083&gdpr=0&gdpr_consent=

Request Chain 312

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7581706081706848258&gdpr=0&gdpr_consent=

Request Chain 313

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3 HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=171316728&expires=5&ssp=smartadserver HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3&gdpr=&gdpr_consent=

Request Chain 315

https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%3D%23GDPR_CONSENT%23&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3386979819021929186&gdpr=0&gdpr_consent=

Request Chain 316

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=9849d599-7672-4cdb-911d-30d0a8b48f32&gdpr=0&gdpr_consent=

Request Chain 321

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=651ccceb-894b-4ac7-a232-95287507d24b&user_group=1&ssp=between&bsw_param=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3

Request Chain 322

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6YlKYse1sJL.AikABlF8z8cHJQ

Request Chain 323

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=00f11824b2f43c58da75d87e

Request Chain 324

https://sync.bumlam.com/?src=bw1&uid=05273810-3907-512f-8ea2-2fa6efdef15e HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj7vfOLBlIFvp7KygpiJDA1MjczODEwLTM5MDctNTEyZi04ZWEyLTJmYTZlZmRlZjE1ZQ** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj7vfOLBlIFvp7KygpiJDA1MjczODEwLTM5MDctNTEyZi04ZWEyLTJmYTZlZmRlZjE1ZaIBEGIE4oA5RhHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABj7vfOLBmIkMDUyNzM4MTAtMzkwNy01MTJmLThlYTItMmZhNmVmZGVmMTVlogEQYgTigDlGEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARj7vfOLBmIkMDUyNzM4MTAtMzkwNy01MTJmLThlYTItMmZhNmVmZGVmMTVlogEQYgTigDlGEeym6QAlkMgkNw** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=6204e280-3946-11ec-a6e9-002590c82437

Request Chain 333

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A

Request Chain 334

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258

Request Chain 335

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=8ae8c595-5c8a-46a9-b906-96a45361c0f0

Request Chain 337

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP621e0066-3946-11ec-a15c-06bbc839886a HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a

Request Chain 338

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258

Request Chain 339

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7

Request Chain 340

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8062024603 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8062024603 HTTP 302
https://sync.1rx.io/usersync/tradedesk/c0b79904-fedc-4723-9ff4-f9e478218089 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003

Request Chain 341

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845

Request Chain 342

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 343

https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24 HTTP 302
https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=ejUYM_nRIxs

Request Chain 344

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=ea4baf77-3061-41c3-8adb-1ff961365ef5

Request Chain 346

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258

Request Chain 347

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP621e0066-3946-11ec-a15c-06bbc839886a HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a

Request Chain 348

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258

Request Chain 349

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A

Request Chain 350

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8718208411 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8718208411 HTTP 302
https://sync.1rx.io/usersync/tradedesk/c0b79904-fedc-4723-9ff4-f9e478218089 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003

Request Chain 351

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=47eb33e6-fd92-4bb1-9223-f0023ad4cfdd

Request Chain 352

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845

Request Chain 353

https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24 HTTP 302
https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=elfoaO2L0u8

Request Chain 355

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845

Request Chain 356

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 357

https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24 HTTP 302
https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=eejpOywuwvM

Request Chain 358

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258

Request Chain 359

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A

Request Chain 360

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dd25c8ad-1cae-4fca-a5bc-80eb6bd175c8

Request Chain 362

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP621e0066-3946-11ec-a15c-06bbc839886a HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a

Request Chain 363

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258

Request Chain 364

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1954166093 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1954166093 HTTP 302
https://sync.1rx.io/usersync/tradedesk/45522983-0872-4887-9a8c-ea2d4f2986f4 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003

Request Chain 365

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7

Request Chain 366

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258

Request Chain 367

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845

Request Chain 368

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 369

https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24 HTTP 302
https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=edUvPTL6Oi0

Request Chain 370

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A

Request Chain 372

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=26d06a2b-bd05-4e9a-805e-b05dafc6cdb9

Request Chain 373

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP621e0066-3946-11ec-a15c-06bbc839886a HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a

Request Chain 374

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258

Request Chain 375

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7668164328 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7668164328 HTTP 302
https://sync.1rx.io/usersync/tradedesk/c0b79904-fedc-4723-9ff4-f9e478218089 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003

Request Chain 376

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7

Request Chain 377

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 382

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 386

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 390

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Request Chain 394

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258

Request Chain 395

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845

Request Chain 397

https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24 HTTP 302
https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=efiCbDnI2Bc

Request Chain 398

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A

Request Chain 399

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dd25c8ad-1cae-4fca-a5bc-80eb6bd175c8

Request Chain 401

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP621e0066-3946-11ec-a15c-06bbc839886a HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a

Request Chain 402

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258

Request Chain 403

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2660743608 HTTP 302
https://sync.1rx.io/usersync/tradedesk/c0b79904-fedc-4723-9ff4-f9e478218089 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003 HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003

Request Chain 404

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7

Request Chain 405

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXze.wIPxzqelYpfuJquhQAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YXze.wIPxzqelYpfuJquhQAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ2G6hLaWS5LRekIujW9UOQ&google_cver=1&gdpr=1&google_hm=2

Request Chain 407

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXze-wIPxzqelYpfuJqugwAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YXze-wIPxzqelYpfuJqugwAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECiYxX89rGJFzkJTiRF64ys&google_cver=1

Request Chain 408

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJqugwAABHYAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJqugwAABHYAAAAB&dcc=t

Request Chain 411

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 414

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB5DgiojUslYFbIAHBUM1I0&google_cver=1

Request Chain 415

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t

Request Chain 416

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXze.wIPxzqelYpfuJquhQAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YXze.wIPxzqelYpfuJquhQAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMwampk7HfEdyCNCIHrd0GM&google_cver=1&gdpr=1&google_hm=2

Request Chain 420

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YXze_wAAuZGL-QBG HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YXze_wAAuZGL-QBG&gdpr=1&_test=YXze_wAAuZGL-QBG

Request Chain 421

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BmlUo01I1MGHnJ5&gdpr=1

Request Chain 424

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXze.wIPxzqelYpfuJquhQAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YXze.wIPxzqelYpfuJquhQAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIi_eaX9ZKvjnaxblM9LwHI&google_cver=1&gdpr=1&google_hm=2

Request Chain 425

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t

Request Chain 426

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENJYE3y_3t3-HQdpLu2eLc8&google_cver=1

Request Chain 427

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 430

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YXze_wAAs8eNLgAz

Request Chain 433

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXze.wIPxzqelYpfuJquhQAA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YXze.wIPxzqelYpfuJquhQAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGFxJWjCAmBx-nzTWikPuSg&google_cver=1&gdpr=1&google_hm=2

Request Chain 434

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t

Request Chain 435

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKXvkBQJA4KTOHjg4_7bdWo&google_cver=1

Request Chain 437

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b2a83282-9c70-edb9-8500d790

Request Chain 438

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YXze_wAAs8aNKgAz HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YXze_wAAs8aNKgAz&gdpr=1&_test=YXze_wAAs8aNKgAz

Request Chain 439

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 445

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3

Request Chain 446

https://c1.adform.net/serving/cookie/match?party=14&cid=ADF93C57-F871-4579-9A73-551DAC73099F HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ADF93C57-F871-4579-9A73-551DAC73099F

Request Chain 447

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2102099676820377009

Request Chain 448

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 450

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rfk8V_hxRXmac1UdrHMJnw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rfk8V_hxRXmac1UdrHMJnw%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 451

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d0fa617c-def9-4401-bbac-ac4b0129ed38

Request Chain 452

https://pixel.onaudience.com/?partner=214&mapped=ADF93C57-F871-4579-9A73-551DAC73099F HTTP 302
https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=6e19d18acf6952da HTTP 302
https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=6e19d18acf6952da HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkRpVjVrSDR6RjJZeWJxVzN1Znp3NWV6SUY0bGZFRkZueTBNMGd6eUxVOEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEMelwnRiEF1BkeBI8jgO1Qk&google_cver=1 HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3386979819021929186&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
https://ps.eyeota.net/match?bid=7vi0rg0&uid=d0fa617c-def9-4401-bbac-ac4b0129ed38&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
https://ps.eyeota.net/match?uid=YXze_wAAuZGL-QBG&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
https://ps.eyeota.net/match?uid=c0b79904-fedc-4723-9ff4-f9e478218089&bid=1e2n4ou

Request Chain 453

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QURGOTNDNTctRjg3MS00NTc5LTlBNzMtNTUxREFDNzMwOTlG&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QURGOTNDNTctRjg3MS00NTc5LTlBNzMtNTUxREFDNzMwOTlG&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 454

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMOA9fGx9lp6vvCqgsdSAtg&google_cver=1

Request Chain 456

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d0fa617c-def9-4401-bbac-ac4b0129ed38&gdpr=0&gdpr_consent=

Request Chain 457

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c0b79904-fedc-4723-9ff4-f9e478218089

Request Chain 458

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=862498899543868534

Request Chain 459

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7581706081706848258&gdpr=0&gdpr_consent=

Request Chain 460

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TDXP_h5hnv9XZ5mqHGLV_E43nqlXNpn-STagiXzg

Request Chain 463

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAMypk7C-b4AAByF9n5Wig&expiration=1636783099&gdpr=1

Request Chain 464

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3386979819021929186

Request Chain 465

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

Request Chain 466

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635659899&gdpr=1

Request Chain 467

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=46eb4eec-d546-4d8e-857e-00cfd3b34257&expiration=1667109500

Request Chain 468

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638165499

Request Chain 470

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=6204e280-3946-11ec-a6e9-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=6204e280-3946-11ec-a6e9-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=7nCY9NJEowbqThOf6ZMioQ&

Request Chain 471

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 474

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/71237 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/71237

Request Chain 480

https://x.bidswitch.net/sync?dsp_id=429&user_id=05273810-3907-512f-8ea2-2fa6efdef15e&expires=60 HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3&name=BIDSWITCH HTTP 307
https://visitor-usa02.omnitagjs.com/visitor/sync?name=BIDSWITCH&uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3

Request Chain 482

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F05273810-3907-512f-8ea2-2fa6efdef15e HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/05273810-3907-512f-8ea2-2fa6efdef15e HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/05273810-3907-512f-8ea2-2fa6efdef15e?redir-setuniq=1

475 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/ 221 KB
28 KB 789ms
741ms Document
text/html 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698e63451f828f97957e480c923bb8634a39ceb8c541f728b94cd9c9a454a99f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6a6269272840750d-LHR
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://thetruedefender.com/wp-json/>; rel="https://api.w.org/", <https://thetruedefender.com/wp-json/wp/v2/posts/34079>; rel="alternate"; type="application/json", <https://thetruedefender.com/?p=34079>; rel=shortlink
vary: Accept-Encoding,User-Agent
cf-cache-status: BYPASS
cf-apo-via: origin,no-cache
cf-edge-cache: cache,platform=wordpress
cf-railgun: direct (starting new WAN connection)
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
x-pingback: https://thetruedefender.com/xmlrpc.php
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEg%2B%2BTnrKskOSem7vD9BHPqW7%2FR59OCslFKZy50e1hWMuK3%2BRDYmDw5lK0Hhs3FIfVtDenzqbrZAMdwD9Q05XEkNAdhnPBRZKFv112cwm7gpP6tS%2BjxPkqoc7gegZWy4UxeSYd0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2 200 f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js Show response
cmp.optad360.io/items/ 2 B
357 B 76ms
28ms Script
application/javascript 143.204.98.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/f8ec1629-32c3-44fb-be24-9764b22efcd2.min.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
last-modified: Thu, 28 Oct 2021 09:48:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 2
x-amz-cf-id: 5mOOgxDpQ7E_9biso6dSCETHLdKtKTjpei3SzVqQPtlZmgqBXn4h6A==

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/ 384 KB
89 KB 44ms
9ms Script
application/javascript 18.66.139.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b27e0fd58dabc8c58c7944cfda0a7fcdefcab27547fbe4d939b27d93af483ca2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:06:52 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 09:22:37 GMT
server: AmazonS3
age: 3084
etag: W/"274e65d5213db929459b72fc2944ec63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: _Qli19kn8ywq8pDZyr_DJT1QiO0B7mZ7DZ_5NMJrguVNqh6E7aESmg==

GET
H2 200 this.png
thetruedefender.com/wp-content/uploads/2021/01/ 19 KB
19 KB 22ms
21ms Image
image/png 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thetruedefender.com/wp-content/uploads/2021/01/this.png
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4051
cf-polished: origSize=21749
content-length: 19502
last-modified: Tue, 05 Jan 2021 23:49:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGLq1HAp2sIpsocDNetXafi9zTdZ5yaxMIckkc950Cpvsa03bzTrvjGAYgpgMOxSttNgkKPuYzh9liv5e7Q%2FSHmswpZhXibmFWNdBCc6COmLog8zLRMCJBV11bUwE9sxT89seIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a62692c7bad750d-LHR
cf-bgj: imgq:100,h2pri

GET
H2 200 trump_russia_probe_prosecutor_08539.jpg_2021.10.21-2021.i.1634865728.4-scaled.jpg
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 31 KB
31 KB 22ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/10/trump_russia_probe_prosecutor_08539.jpg_2021.10.21-2021.i.1634865728.4-scaled.jpg?resize=780%2C470&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

700b4593fb1403c22602ab898bcebdd6fc3ff0c80131ed0c5432d0e78e8f1d8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Sat, 30 Oct 2021 05:58:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Oct 2021 11:50:24 GMT
server: nginx
etag: "0d42b7e3c66e4d59"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/10/trump_russia_probe_prosecutor_08539.jpg_2021.10.21-2021.i.1634865728.4-scaled.jpg>; rel="canonical"
content-length: 31684
expires: Sat, 28 Oct 2023 23:50:24 GMT

GET
H2 200 tielabs-fonticon.woff
thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
40 KB 23ms
21ms Font
font/woff 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkJyXTfrEttOXbIJIgFdUF5lRNDLXx%2B5Jjqn0glR0n6WjUqpSXz%2FboDJk6kPJ576E3kra%2FAofv3I3bxIDwGwHbSv%2B1JkddMohd7D0oe%2BI1GjAFZx1TDQEV4x7WdOOvM7lYY3O7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692beb50750d-LHR

GET
H2 200 fa-solid-900.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 78 KB
78 KB 40ms
37ms Font
font/woff2 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ff9Gd4Yf8Gwu8J4aWjSnoWkrclSFowf%2BrGt1f8PcluptP0XEjnqwpLc0g5%2Fs3bLuqaFqwdaLyiaeGG%2FtKHKV9HBcfAYlwTyIzbWRm%2Bpwp6g%2FJLqYzqrugKdXDITccGPTD9dlRgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692beb51750d-LHR

GET
H2 200 fa-brands-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 75 KB
75 KB 23ms
21ms Font
font/woff2 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqbQfIfUgkT3Yd55OMVLlLxCZinvS82Tgh9p%2B8cYZpauJ84flZUrjSThAot80HthEfx33HtzlTEU1mZb8UOzvxcO3YrUw1PgMklA3po0LpjU3xx0iqXSfHZYW7EXj%2FKB9isa5bQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692beb52750d-LHR

GET
H2 200 fa-regular-400.woff2
thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/ 13 KB
14 KB 41ms
39ms Font
font/woff2 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Origin: https://thetruedefender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cr0Gx1EEwut7O48N0CPwHtyrCKryduneI4rM56W6xlkcAIOc47HavqXTYiNtR9AQRgASdDNbvbYf4ltsnQ9chg%2BGt23MFzBosrJl%2BHSPfTq1rgYQp5N8BQVJx%2BZudkk0t2b%2FIP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692beb54750d-LHR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 65ms
28ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-186892928-1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4125108a748bfd0915b6f9ad0d1839294fca7ea1e5d0ea7754ab9fa54c8e9bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35786
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Oct 2021 05:58:15 GMT

GET
H2 200 frontend.min.css
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/ 7 KB
1 KB 40ms
37ms Stylesheet
text/css 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/css/frontend.min.css?ver=6.6.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 22:03:52 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHCSrGUeAj%2FWeDifAIJBcwq9GZOmlovoaBa4iCrfKcmQNryU8ORWeDWXiDvJk7Te44zJFRKabp%2B8r9Mks1%2FROgJNaH687Uv3T07oYNrZbRuMVCNknUKiZzz%2FYWcJEEt39i3nvzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692beb55750d-LHR

GET
H2 200 base.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 41 KB
9 KB 41ms
39ms Stylesheet
text/css 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TA%2BJuN%2B1gBfJEXfGYx%2FN1hmo%2F6wU8hnrqh7lUOAPHY%2F9nYpOLnGydCCF3I8aYRusiSEgN%2BRF4QlWeeoqQDu64qOf4EaXzvV6a10APCWwJ6apGEvjp%2F4NYa%2BVYh9f2PoAKq8%2BqB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692beb56750d-LHR

GET
H2 200 style.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 171 KB
30 KB 41ms
39ms Stylesheet
text/css 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FJUB4rJHVfPF2XOGITlup3tBLhXPBu1chOBdVjW3Kk81iRP2%2FiJAKt3u8dj8MAv1jHbJi%2BFfRbGy3Ff70vHPLDv8LaQzeQdSFAc1UC9Nc6NtzeGmpBiaYPCmlCPcRp%2BQDAg6Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692beb57750d-LHR

GET
H2 200 widgets.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 53 KB
10 KB 41ms
39ms Stylesheet
text/css 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fnx2dgA%2FhFMk5cmO2NGDQ8kFLsmL041uWoSN8W9KQnbckyq9UoNP354d1v0D9RyUHOBtk3GXiD6bS8eVEQoxaE5JoyXy7l7R3aQdnfb5Z21gyR9j2omYU90GfH4Dx1%2BF3x78e1s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692beb58750d-LHR

GET
H2 200 helpers.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 15 KB
4 KB 39ms
38ms Stylesheet
text/css 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpFg%2FLSz%2BnD8556bDm5WSIiQN4wiarGEoOTY8ADFobuLbVhK5wPNdgOu2NvDbHGOaRXIY9YRbnMmgKSEJrDzfuyl65yzzCe5uBM30Fuv8VGeR2TlJjAW0uW3eJ09mlDlRHgrHN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692beb59750d-LHR

GET
H2 200 fontawesome.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 57 KB
13 KB 39ms
38ms Stylesheet
text/css 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
cf-polished: origSize=58662
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlmKo78NNKOrbDYX%2F65sAu5OJbj0FZn%2B%2FHocfnTczHEesawNM4TceuQwhqVmsYlNE9KI1u30EQxQMb0LlyCLEjGdDjZcAm1wvQnbCrbcjcNYJgo8xtwf1dZUoXHyXiXqb2%2BbUZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692beb5a750d-LHR
cf-bgj: minify

GET
H2 200 skin.css
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 10 KB
2 KB 41ms
40ms Stylesheet
text/css 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
cf-polished: origSize=12018
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybwzvs%2BNFjdXGDYj%2F4M9k0ICNwhYjTeK00dbdYjCIsu4lZjmUE8h6TmxH1Se0zVOAx2peLCj5MT0MsHkY7al6VnsWPQRvvQwC63sVUYLZLnOPTMEpHIgZ9De7zIZ4BGi0O9S1hY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692c0b63750d-LHR
cf-bgj: minify

GET
H2 200 shortcodes.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/ 11 KB
3 KB 54ms
53ms Stylesheet
text/css 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KWIt9qSliVk%2BBQRN%2BUqRusI8OjWznoHybpK3Zpi0wiuZjOfu3UkNyqHJ9LcqK5H4xmLXF4pwR4bILzyymSAEXMs8bfoDiHCjVGQG0JZy1HxZ1idYlp3A%2BXzYNYkD824F2Z0HvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692c0b64750d-LHR

GET
H2 200 single.min.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 40 KB
8 KB 41ms
40ms Stylesheet
text/css 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4k0OVRziaF1FWe8LiLxkOo52KHmiNSpFocJ0CP8jzyBBqCsi9pNhsAfvNe61wUGEFd0qg81vjwgVPQweuwEsRAzSDf%2BVkLDrwikaqSEfmNFlHvfTzVidKpw3fSNpjAWYv2w2DU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692c0b65750d-LHR

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 50ms
14ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186892928-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 7029
date: Sat, 30 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 30 Oct 2021 06:01:06 GMT

GET
H2 200 wp-emoji-release.min.js Show response
thetruedefender.com/wp-includes/js/ 18 KB
5 KB 23ms
23ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 12:55:33 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1uqPpJfJfjKGlSYRoR2O3GBkDF8n3%2FxDBbpnQx0MxjDvMuF7zn6k1l8Ja8ZclyUcnq1OM51I3%2FkhbEX%2BkDZZCbmUGMDEXcOyP62Y3qlImjWQ%2FFzUHtTFGdH5D24pNiBjg6g%2FLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692cabd7750d-LHR

GET
H2 200 print.css
thetruedefender.com/wp-content/themes/jannah/assets/css/ 2 KB
1 KB 26ms
24ms Stylesheet
text/css 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/css/print.css?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
cf-polished: origSize=2175
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XIklfO5UWmVEg0bjAYWVT7MW5ocsKHml4QKwlyObHyhZYDplMp%2BMLV4aIniR2GVyRZ9N%2Fl%2FkFQMjet%2B4knEXXJv%2BLHIOq%2FnQSSW5gxkLEJbVN%2Bq2%2FXGJW3%2FM6oug38B0Afw76I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c34750d-LHR
cf-bgj: minify

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/9.5.3/css/ 75 KB
13 KB 21ms
6ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.5.3/css/jetpack.css

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 16:08:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 30 Oct 2022 05:58:15 GMT

GET
H2 200 frontend-gtag.min.js Show response
thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 9 KB
3 KB 22ms
21ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=6.6.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 22:03:52 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATaYW%2FKOG4KO7h0jMOMcYK6lW2Wp17YTe1Dj5h1y18di%2B793lY25TCmH8tcapQVCKnQkcDYZQbpkC1XHTepBIT2boZ6o7Xv6avMG3qts3xTsQpgBgb%2B3rWD73XyO3WthMhUFWKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692cabd9750d-LHR

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 87 KB
30 KB 26ms
11ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 30 Oct 2022 05:58:15 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 11 KB
4 KB 26ms
11ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 30 Oct 2022 05:58:15 GMT

GET
H2 200 frontend.js Show response
thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/ 439 B
599 B 24ms
23ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/fullworks-anti-spam-pro/frontend/js/frontend.js?ver=1.2.3
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Jun 2021 12:31:13 GMT
server: cloudflare
age: 4051
cf-polished: origSize=1539
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABPNfZ6YOtG5D1I8tADk%2Fz%2Fa%2BbZui%2BLvxjLoKr6WzFJk%2FliaAeSosebw5%2FE0g1g1T5%2B4bqq1matdtjFk8%2B3RpmOZ3eViYYdUxgzpcFzrKKNhIo%2FVKwaxx98O86GUiUd1dMZvG44%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692cabdb750d-LHR
cf-bgj: minify

GET
H2 200 jquery.form.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 16 KB
6 KB 26ms
11ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.form.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:53:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 30 Oct 2022 05:58:15 GMT

GET
H2 200 just-contact-form-ajax-script.js Show response
thetruedefender.com/wp-content/plugins/just-contact-form/js/ 388 B
621 B 22ms
21ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/just-contact-form/js/just-contact-form-ajax-script.js?ver=5.8.1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Nov 2020 12:53:32 GMT
server: cloudflare
age: 4051
cf-polished: origSize=463
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bu%2FZqgDZZ5oWxjosIErApMmTd%2BxDkjtZ%2FYdkzwIXoehay483xKTYxIP7fjcilDKMFjUKPN9N1AAL%2FBEL1jCEGbzef%2FiRRzVhaV2%2FH%2FR%2BwbpOMMSUs%2FHq9z8TUrOXWNTTgje7I7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692cabdf750d-LHR
cf-bgj: minify

GET
H2 200 / Show response
users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/ 354 KB
120 KB 92ms
56ms Script
text/javascript 104.22.57.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 95b90e9b9930aaf8f8fa2427cd89aad8ec9bcd99db52e5bc64877432c50b9487

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 3333
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: *
server: cloudflare
etag: W/"589e3-Y8e8ARBfGMvSqmk8tSRRorBOxgc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront)
x-cloud-trace-context: bf19031bb93fda6b7dbbe5d8228b8846
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
cf-ray: 6a62692d3e8d876a-DUS
x-amz-cf-id: oG2mEEViJ2fE7Lo6_LJrvPJf7X_VR1vpU3Uv_GJYbZRDo4l2qaP6ag==

GET
H2 200 email-decode.min.js Show response
thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 19ms
19ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thetruedefender.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 12:26:29 GMT
server: cloudflare
etag: W/"616eb975-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHNS0UVU8ERcjtY6TN%2BHOVbLfeBfEEtnclt7XqdcjjrkSfWe5dWkTS2jeCsZHZOHZtFNxD4dfgRS1%2FU%2B72GgQf9haO84X9aUdm7Q1zFEY61kfa1ttmAw9CvB5UbveY5EekTrAOY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692cec16750d-LHR
vary: Accept-Encoding
expires: Mon, 01 Nov 2021 05:58:15 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/9.5.3/_inc/build/photon/ 758 B
425 B 10ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.5.3/_inc/build/photon/photon.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 30 Oct 2022 05:58:15 GMT

GET
H2 200 comment_count.js Show response
thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/ 708 B
636 B 27ms
22ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 12:35:35 GMT
server: cloudflare
age: 4051
cf-polished: origSize=889
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BgfJPZaLhn46FWfIXo2QSl%2BT%2FvSOM1D23EDIfrC5OBl4VVzjOMgLK7hejPMqrzpP2xpEvXDXawAUdrAbugyJkAdwTyv%2B1g65RDuGBtn3rPeGBPdFxjMNAso3%2BKAq7JnB94%2FuoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c28750d-LHR
cf-bgj: minify

GET
H2 200 comment_embed.js Show response
thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/ 878 B
649 B 26ms
21ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 12:35:35 GMT
server: cloudflare
age: 4051
cf-polished: origSize=1232
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8AlG2W3Ww7ujj5y%2BGDkl2Z0eVzzGoRWSdeg5CrbLxZcZ5zlEXeruV0QY1Ydd84j64aGX0Jvv79h4F5fil%2BTejxE9dj7AYX75diOIZOWRPLu3IW53ZVRqDC0vmNUfRILEZ2yJjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c29750d-LHR
cf-bgj: minify

GET
H2 200 6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js Show response
clientcdn.pushengage.com/core/ 76 KB
19 KB 49ms
9ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js?ver=5.8.1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 80b5f56879cce5196b2c10bf238bd7e83df53c26ecf581637249d0ff8c28d770

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:56:28 GMT
content-encoding: gzip
server: nginx
age: 107
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 244Yu4WprSU-tlTSxRqFP4ixIc3rrHTKoPGp5Bi3RscO6h-V0888Rw==
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)

GET
H2 200 intersectionobserver-polyfill.min.js Show response
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 8 KB
3 KB 28ms
23ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Jun 2021 12:23:44 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7k0E%2FqurS8IwfuKbceAzIGEzs3mLRyD18C25McOwpMjqih3nVTUhtoiSerxfFH4BWWOpxjryTPAhKArdr953%2FXNgAB0THPjHQ1ooo4hwB%2FlxWWJrlyeSpQ9DU8dnn6SMofmH%2Bws%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c2a750d-LHR

GET
H2 200 lazy-images.min.js Show response
thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 3 KB
2 KB 33ms
28ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Jun 2021 12:23:44 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjUgEzlpCcLM4aa8b%2FQ6Eh%2BiOnj7ZpBKTCr%2BfnBCK9kcNha8VDfrwql%2BuYtDhJsSt%2Baq1Onq9id6PUXJdv9YKGIXaDMalGdRZWgceO63pEtdYcuaXDP10gyu2CBzQdLFzPghUvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c2b750d-LHR

GET
H2 200 scripts.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 22 KB
7 KB 32ms
27ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hznqzT0J1IzHR71ZLCsuMZRGvbCchTGue3CCW7Zsk%2Fg3aN8AyCdCrPyBRehFoBLO8TiyHN8Spp0guBzL6OIf8e8d%2BTPQalb7YSUj%2B0E%2FFEjrVn4Jgz%2BOYX5uimMtMkUM9P2LQ%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c2c750d-LHR

GET
H2 200 lightbox.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/ 79 KB
25 KB 32ms
28ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
cf-polished: origSize=81423
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tXPtD08u0nuF5L%2Fn%2BmHOy4%2FjQKSlGueq6XA3noHKw4kc7M8eeygzmUB9x0stdyQBG9D3SfgiOwQiy0MrmWGL6fEDRgOclu6o04OL78mocmtZVc4GCB3pFBRcahXBb%2FAzGAVxnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c2d750d-LHR
cf-bgj: minify

GET
H2 200 sliders.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 48 KB
12 KB 30ms
26ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEhAmjbeiHVmB3LhP%2BfHw63StgfAhDJLvo0JnSKnAjAM8wFTU9zlO9h7WS0Fxj0fEonkQLO%2BhNki6Mn9dof1SiucuZTdEpYS4iRhg5J1PiWPxM2xnSwRAIE6Deb5IVe55gEEsYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c2e750d-LHR

GET
H2 200 shortcodes.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 10 KB
4 KB 27ms
23ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
cf-polished: origSize=11181
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amT9kj5Omze%2Fql8jEiEVKbr6x5tdjMoXahA%2Bz6qGFLHpHFcnpYCnDmXOTQoeII7Mo4QEQUmjx39p2Aj6ywh6jTQsMXYToco%2BzuG2lEV2FF%2BqkzIg9dXVbQS8k3TmwAAHoJe4q38%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c2f750d-LHR
cf-bgj: minify

GET
H2 200 desktop.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 16 KB
6 KB 29ms
25ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23gjnpMuljKIYi7V0Fz6d5F2e%2FSmFbXZvHvffcHlINAEM8b%2Bp9CJy2VxvUcqu7Kv2h0YVIACfNLpqaFEsSewVk0dyI%2BAGLYrpKX7ADWwDy4waApA%2Bg5JmYHgdzgBIzJ5S%2FyPq%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c30750d-LHR

GET
H2 200 live-search.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 14 KB
5 KB 30ms
26ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
cf-polished: origSize=14601
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BYQ3%2FfeGIEAgz7b9maRZMHX%2FpGCafYqeC5lt6ELgccoFHXc6CsU7HsxdcMjtuvQrL5%2BJJXWIXDsf1qVYIvu3%2FCZGykmgQWpedezH0THyak3W9f1HNH4k21w%2B2%2BvEUA05oo4%2BEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c31750d-LHR
cf-bgj: minify

GET
H2 200 single.min.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 28ms
24ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6bOBGyWrGf%2Fbwqs48g6xSWrvMVs%2FedQvA3AACtVTmYCe6uSiJIyAbZrCrYb2k122T7TddwQKk3Eg5979PJkxIqJHaiYukqnNGmOnlXEieQUq2FkfxCtePTx2tdCXOvrhbKO9tQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c32750d-LHR

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/ 3 KB
1 KB 9ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/comment-reply.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
last-modified: Thu, 18 Mar 2021 17:48:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 30 Oct 2022 05:58:15 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.8.1/wp-includes/js/ 1 KB
719 B 9ms
6ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.8.1/wp-includes/js/wp-embed.min.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 30 Oct 2022 05:58:15 GMT

GET
H2 200 br-news.js Show response
thetruedefender.com/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 28ms
25ms Script
application/javascript 104.26.9.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruedefender.com/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.9
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Oct 2021 21:21:28 GMT
server: cloudflare
age: 4051
cf-polished: origSize=5594
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ud%2FnIMKg7tLvQ%2FIEFCIIO%2FlHtsO%2FxLAoYUrB%2BeLZBTBOGsGofV0SavEIsDZuQ4HUdlRo0NmEh0uK1PNI08lt7h8ezFhNiVjBgXNoGNFOd9f%2FNT0MIx3%2Fv%2F5bzI%2F0CH%2FjP4H7j0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a62692d0c33750d-LHR
cf-bgj: minify

GET
H2 200 e-202143.js Show response
stats.wp.com/ 9 KB
3 KB 39ms
5ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202143.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 16 Oct 2022 21:07:39 GMT

GET
H2 200 thetruedefender_thetruedefender_sticky.js Show response
cdn1.lockerdomecdn.com/embeds/ 1020 B
1 KB 58ms
9ms Script
application/javascript 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 5SJgwcOSQVDADRfSedXeHumqp.bTbaay
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 16:39:44 GMT
server: AmazonS3
age: 13096
etag: "5bc9056f1e2006913082934b4e7f8720"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 30 Oct 2021 02:20:00 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1020
x-amz-cf-id: BYyqHq9vhkMoYs5DVj0GPAnz3DTzPyoj8P7-Pb5zrn6J7J5a58AjXA==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 72ms
26ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

8acf26e5da31fbcf97b58ad60baa4121ab276efd4ab78661e842fee1ff975071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1028 / 642 of 1000 / last-modified: 1635545117"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27325
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Oct 2021 05:58:15 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
142 KB 9ms
7ms Script
application/javascript 18.66.139.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/ab4db02e-f004-4923-8d56-ed722ad49704/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 08:09:18 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 3188938
etag: W/"6dd0a13bde35d2daa452bba998871016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: wEocRt2GvzbSv5xPt_HyzPXZftRHo0qClRqgSrYPaz_6kmWGP1W28A==

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 54ms
7ms Script
application/javascript 143.204.98.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-17.fra50.r.cloudfront.net
Software: /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:03:28 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 19:55:39 GMT
age: 14087
etag: W/"14f4-17ccd9f44a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: n0SMHgvckd_fwHPqVsEV9CczIV2J30Qktsz0BsXEHcuvdVNfu43zrQ==

GET
H2 200 / Show response
rumble.com/embed/vloy5t/ Frame 9E03 17 KB
7 KB 304ms
103ms Document
text/html 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/embed/vloy5t/?pub=4

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

ac217a1333908ad6e4fd4c29298ee1f32cf3e3372c8dfe1ed8895d58e5bf6ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Sat, 30 Oct 2021 05:58:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://rumble.com/vob4aj-durham-probe-targets-obama-and-hillary-crimes-against-children-2.5b-tax-fra.html>; rel="canonical"
strict-transport-security: max-age=31536000;includeSubDomains;preload
content-encoding: br

GET
H/1.1 200
OK TheTrueDefender Show response
xn--r1a.website/s/ Frame BD2C 108 KB
17 KB 144ms
54ms Document
text/html 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--r1a.website/s/TheTrueDefender

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

4c6853bb850ee8aab39a34df9ef231e33068958ca25d69745078ac9c00c98f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Server: nginx
Date: Sat, 30 Oct 2021 05:58:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Pragma: no-cache
Cache-control: no-store
Strict-Transport-Security: max-age=35768000
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H2 200 Capture-331.png
i0.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 40 KB
41 KB 7ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/thetruedefender.com/wp-content/uploads/2021/10/Capture-331.png?resize=390%2C220&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0d23e1c01de5ec7d4ffb9dc2da027172fdde2f1aa13da7c7995007da2c325e2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 30 Oct 2021 05:58:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Oct 2021 11:50:27 GMT
server: nginx
etag: "4f81daf6d3961a1d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/10/Capture-331.png>; rel="canonical"
content-length: 41328
expires: Sat, 28 Oct 2023 23:50:27 GMT

GET
H2 200 Capture-332.png
i1.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 17 KB
17 KB 7ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/thetruedefender.com/wp-content/uploads/2021/10/Capture-332.png?resize=390%2C220&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

fd7dd91d94dcfbf74df3f0b41a63f17cca4aec394923059233ca46785f29f374

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 30 Oct 2021 05:58:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Oct 2021 12:00:55 GMT
server: nginx
etag: "fbbf1cfa1adca4d4"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/10/Capture-332.png>; rel="canonical"
content-length: 17348
expires: Sun, 29 Oct 2023 00:00:55 GMT

GET
H2 200 / Show response
www.bitchute.com/embed/vfV71S3H1YRi/ Frame 5F6A 3 KB
2 KB 565ms
516ms Document
text/html 104.26.7.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/embed/vfV71S3H1YRi/

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d07cb7c57183d8bfe6dc615c7cec788de53852598aa244d2a049937385dd103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-type: text/html; charset=utf-8
vary: Cookie,Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Mi1FMXeRi2N6Jy3kDPRLjzKdG7nnPfzSbLA%2BAPhTY40hMPN3q6K7X4g1cQ9FYOaTpo9qLkQvfvuD%2Fjp7Ufxm0%2Bpo6HE6YqxyXrco0gcsHxRYk1BfN00W%2Fh4HhwaqxTSqFA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a62692ddb737711-LHR
content-encoding: br

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 16ms
15ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 30 Oct 2021 06:05:47 GMT

GET
H/1.1 200
OK count.js Show response
thetruedefender-com.disqus.com/ 1 KB
2 KB 48ms
6ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://thetruedefender-com.disqus.com/count.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 67
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 28 Oct 2021 19:06:48 GMT
Server: nginx
ETag: "617af4c8-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: _Lf_aQWSSp2qkXznM2kYav8BYGvaxzESWwOJ3Q2utZPq78EdavXqcg==

GET
H/1.1 200
OK embed.js Show response
thetruedefender-com.disqus.com/ 74 KB
24 KB 200ms
158ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://thetruedefender-com.disqus.com/embed.js

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

422f05991badee1af6bf99c0904eea33eceba98fca0553f8299cc10f138bcb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router_gunicorn
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24524
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 sjs.js Show response
cdn1.lockerdomecdn.com/embeds/ 17 KB
18 KB 9ms
8ms Script
application/javascript 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.lockerdomecdn.com/embeds/sjs.js
Requested by: Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/thetruedefender_thetruedefender_sticky.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: .wYtctBP_XBnIa5iny.dScquLAjeZQyF
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Mon, 24 May 2021 16:45:53 GMT
server: AmazonS3
age: 15329
etag: "4b1238444af4e820876b6750a0d87dbf"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sat, 30 Oct 2021 01:46:56 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 17533
x-amz-cf-id: kqxd7Aq4WJRUgpFUoOq0nBPqfiLgSW9mUFnRm8NYfJ71oCHgCBKNHw==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 37ms
15ms XHR
application/json 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211030

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

685df4d5cf060fe847afa24bfd796d5302e559451f32322eb1c83d19e6fa132c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10630
x-jsd-version: 1.0.1145
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19152-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69b-xM+sftEdGOGs4G0QC061UlQ3kbw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6a62692e0f8c21ab-DUS

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 6ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.5.3&blog=189343063&post=34079&tz=0&srv=thetruedefender.com&host=thetruedefender.com&ref=&fcp=1012&rand=0.14807328030983946
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 30 Oct 2021 05:58:16 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 21ms
20ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1560277746&t=pageview&_s=1&dl=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&ul=en-us&de=UTF-8&dt=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!%20-%20The%20True%20Defender%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=1047227514&gjid=1186655349&cid=688016768.1635573496&tid=UA-186892928-1&_gid=211219134.1635573496&_r=1&gtm=2ouar0&did=dNDMyYj&z=403665437

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 13997836195017830 Show response
lockerdome.com/lad/ Frame A810 39 KB
15 KB 689ms
311ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: bcf6e49c5f8c4efc74d73f648a89124855ef93f5802c331b7d6376b141fc4285

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Content-Length: 14403
Date: Sat, 30 Oct 2021 05:58:16 GMT

GET
H/1.1 200
OK 14009642120598886 Show response
lockerdome.com/lad/ Frame 9AB0 113 KB
29 KB 699ms
311ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 4d2b526fcb97fd3a98042412b8ca71ea876153555e7d3970276cadb693536f3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Content-Length: 28475
Date: Sat, 30 Oct 2021 05:58:16 GMT

GET
H3 200 pubads_impl_2021102701.js Show response
securepubads.g.doubleclick.net/gpt/ 353 KB
119 KB 48ms
24ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102701.js?31063350

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9d07f01e075074db0154aae1cd5fc2f2f3ffe87d787783f686444f5583503437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121586
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Oct 2021 05:58:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 125 B
119 B 45ms
23ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thetruedefender.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f6d836acd1e04a5a600e876f874a681d1590b961b051390c62b61fe6d8570f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0
expires: Sat, 30 Oct 2021 05:58:16 GMT

GET
H2 200 pushengage.js Show response
clientcdn.pushengage.com/ 18 KB
5 KB 8ms
8ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/pushengage.js
Requested by: Host: clientcdn.pushengage.com
URL: https://clientcdn.pushengage.com/core/6aee8e32-15aa-46b8-b94d-8d12cf53c25c.js?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: c3d8f1101a790ab1233144c17ffcd9e31d648cd90a92cd96fafe64522b1916e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:57:29 GMT
content-encoding: gzip
server: nginx
age: 47
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qaSCobM_sNgHMO_K65vyfhQ8zgnzHvxgVe1f_bbz_-jdAY8RN0patQ==
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)

GET
H2 200 entities Show response
users.api.jeeng.com/ 132 B
604 B 240ms
218ms XHR
application/json 104.22.57.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/entities?description_md5=&domain_id=0Lvxx4MBY1&image_url_encoded_md5=&image_url_md5=&published_at_md5=&read_only=false&sdk_version=4.8&title_md5=&url=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F
Requested by: Host: users.api.jeeng.com
URL: https://users.api.jeeng.com/users/domains/0Lvxx4MBY1/sdk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9e00c9e56b1f5e077f8d626274bce386a0fa335075aa05b522e928d7e906b5a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: AMS1-C1
x-powered-by: Express
x-cache: Miss from cloudfront
content-encoding: gzip
server: cloudflare
etag: W/"84-weiOn1IsH7vKEcgfym5eOdFeN/g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 080922abc1ba4c127fe209731118a4d4
cache-control: max-age=3600
cf-ray: 6a62692e9b567174-DUS
x-amz-cf-id: 8591nunq5uAsD1_MBfhOGNeI7q0q8JzjlZ776GF3jtiFtClGQGvsow==

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
932 B 79ms
28ms Script
application/javascript 104.26.8.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 339162
x-amz-request-id: txa9f7a43a20cf4c4c9390f-00616d2a11
x-amz-id-2: txa9f7a43a20cf4c4c9390f-00616d2a11
last-modified: Mon, 18 Oct 2021 08:01:51 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNfBY%2FLIGghwfqjoErDzywgYgJ2hYoko3imKu07R%2Fni4XLsM5mgw2pij%2FjugHC8zeSvmR8kZJKMu4vvhZWxcMBqT3lZxRMjoG9s5O2HkFMrwftg7K%2Bv%2FDTUYRQ%2FI1QHg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1634544111259554
cf-ray: 6a62692eec0d71d8-LHR

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
275 B 110ms
32ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H2 200 bid-request Show response
rtb.adpone.com/ 766 B
977 B 96ms
44ms XHR
application/json 104.26.10.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121725125956429&gdpr_applies=false&consentString=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d49d7b4230abea8226dba54e9d32bf6cfa700fd8c1436e0cb8e6eea43170acf

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46MJa84rNIjOa9BSiUvR4mJD5QqZDk6l%2F9YwJXBKHbva6Ym9S%2Fn5Dmk9A0TgURNrnqzs9svpZw1ndYP8ZcgyfveFOJJUMIpvUiJyRRwKXJdufyaO1t%2FGfwwczIJbJ7S%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a62692eff6f7774-LHR

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
339 B 143ms
102ms XHR
text/plain 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a62692eea0a21b1-DUS

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
154 B 77ms
36ms XHR
text/plain 104.22.54.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a62692eed782157-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 33ms
11ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d47d9e312e470983a45c637883159cec37f534d0d769305c839f967321406b9d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: dee65dc4-d9e2-4081-b274-7136619de08a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 53ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Sat, 30 Oct 2021 05:58:16 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
41 B 284ms
97ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sat, 30 Oct 2021 05:58:16 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://thetruedefender.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 52ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=18922406137
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Sat, 30 Oct 2021 05:58:15 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 834 B
2 KB 132ms
69ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: fc3a619fecc79a2042c98e987a3868d8f99f96c844d1d7dd59ac2871a239bc87

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b19%3b119
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 30ms
12ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d5f92c831843c12d435cfb26857ccb3636cd4109a2fbec5a202c5db353c9c229

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c56fbcff-b577-4b63-83ad-15376f5a813c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 180ms
57ms XHR
application/json 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
375 B 40ms
8ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://thetruedefender.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 01552dc04c1d234a01413add9d8d09cd
secure.gravatar.com/avatar/ 39 KB
39 KB 39ms
6ms Image
image/png 192.0.73.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/01552dc04c1d234a01413add9d8d09cd?s=140&d=mm&r=g
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0111ef8fb7bab66f02ebb76acf1c20ebff86c7eddef1834b50529d3396410c26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 30 Oct 2021 05:58:16 GMT
last-modified: Wed, 17 Feb 2021 14:09:30 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="01552dc04c1d234a01413add9d8d09cd.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/01552dc04c1d234a01413add9d8d09cd?s=140&d=mm&r=g>; rel="canonical"
content-length: 39893
expires: Sat, 30 Oct 2021 06:03:16 GMT

GET
H2 200 TERRY-MCAULIFFE-ARLINGTON-VIRGINA.jpg
i2.wp.com/thetruedefender.com/wp-content/uploads/2021/10/ 3 KB
4 KB 7ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/thetruedefender.com/wp-content/uploads/2021/10/TERRY-MCAULIFFE-ARLINGTON-VIRGINA.jpg?resize=220%2C150&ssl=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

c149a885fe56a532595b9582aed2c94412ad1e8fac638646245a93d090213b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 30 Oct 2021 05:58:16 GMT
x-content-type-options: nosniff
last-modified: Sat, 30 Oct 2021 00:36:04 GMT
server: nginx
etag: "837b49d5eb43f6c6"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://thetruedefender.com/wp-content/uploads/2021/10/TERRY-MCAULIFFE-ARLINGTON-VIRGINA.jpg>; rel="canonical"
content-length: 3438
expires: Mon, 30 Oct 2023 12:36:04 GMT

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
484 B 65ms
34ms XHR
text/plain 104.22.54.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a62692eed792157-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 23ms
10ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e8093ae582e78141567c3c2f6bd8690f46427e20d2a1ddff52323fcc48c99b25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 50faa841-11f0-4219-b32e-764afef37786
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 45ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Sat, 30 Oct 2021 05:58:16 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 46ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=37392020922
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Sat, 30 Oct 2021 05:58:15 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
375 B 35ms
7ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://thetruedefender.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
134 B 131ms
104ms XHR
text/plain 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a62692eea0d21b1-DUS

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
21 B 275ms
98ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sat, 30 Oct 2021 05:58:15 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://thetruedefender.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
18 B 94ms
34ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 17 KB
7 KB 122ms
66ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 77f71f31708e21b2f4f9f779150ee5378a30436673880627eb9c5b1bb9aa665e

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b24%3b62
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 170ms
56ms XHR
application/json 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 48ms
33ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

60b2b1052bb91bdd45f229e17513a96825f73e5cf03bd5313ab9a2249178426c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 04d1fe53-621b-47ec-bdd2-530d06462414
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 14447308783736934 Show response
lockerdome.com/lad/ Frame A19B 1 KB
2 KB 490ms
119ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: f670413d2ae1a2ae6adb0f76cf9a23e52e96324d60f3c10658a9bfe558a6513d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1342
Date: Sat, 30 Oct 2021 05:58:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BD2C 4 KB
1 KB 59ms
23ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 05:09:54 GMT
server: ESF
date: Sat, 30 Oct 2021 05:58:16 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 30 Oct 2021 05:58:16 GMT

GET
H/1.1 200
OK widget-frame.css
tlgr.org/css/ Frame BD2C 67 KB
15 KB 354ms
269ms Stylesheet
text/css 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/css/widget-frame.css?46

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

4d99f2c1e6fde96e2c2308b915e4da16aee198a8d8f86b9350676830544b66fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: text/css
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 03 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK telegram-web.css
tlgr.org/css/ Frame BD2C 21 KB
5 KB 221ms
135ms Stylesheet
text/css 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/css/telegram-web.css?19

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

2892a779cee25c3a681f6c8d4c779f0e8632741aec6485a87da48000d84b96c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: text/css
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 03 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK Vu1zgooGkdca77krElN3VzZsC0FzMRbpRC9aDTznau3gQg-lxocJU_mI6aT2CKYtdvU0BLnwzV_PZ9lVOB56wSGoVlssXAUCEJxeWIqzjuLdfFn3gayVZ9XxQ834bgRQBDjzy67qLqUFlVUy0KcZ7TV_7UH-cRRbzn-tC3fYqBNtmfQNKGli8BZ8nDSRYvSXx_MmQ...
cdn4.telesco.pe/file/ Frame BD2C 14 KB
15 KB 61ms
25ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/Vu1zgooGkdca77krElN3VzZsC0FzMRbpRC9aDTznau3gQg-lxocJU_mI6aT2CKYtdvU0BLnwzV_PZ9lVOB56wSGoVlssXAUCEJxeWIqzjuLdfFn3gayVZ9XxQ834bgRQBDjzy67qLqUFlVUy0KcZ7TV_7UH-cRRbzn-tC3fYqBNtmfQNKGli8BZ8nDSRYvSXx_MmQz2Q8HgTxShkBU-3uOAzA-vlaBRQ7h9DxpSIoP_5N1bLdt-3kRMcfRfRrFO-z6Bfu9Mojz-LU34WN83M5b7Qql05g6KowW3UaiOKWQpxFzrdQvee_YZv6ZhoPqF7FY1p0JulFrSfpOkY6pg2KQ.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

d712796d188539ac294a0dd7a2d0b2770cbaca32d836863fd2565e6b39ae5f52

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 14470
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-14470, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
18 B 57ms
33ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
172 B 237ms
95ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sat, 30 Oct 2021 05:58:15 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://thetruedefender.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
134 B 100ms
100ms XHR
text/plain 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a62692efa2521b1-DUS

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 14ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Sat, 30 Oct 2021 05:58:16 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 9ms
9ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

68dac3c7d532538ff89ca6f44db3a4213ba511ddaf43823a63a893249f5bc302

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2cbd108b-e72b-4f98-8a89-d3da2033ec87
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 148ms
70ms XHR
application/json 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 9ms
9ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

45a1d6c802e5b96dcd8a3d1c2f614f57d3b6e0743249d7a9f335296075c09b37

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 31b397d3-f8d8-4014-8986-686fb9e4d258
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
375 B 9ms
8ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://thetruedefender.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 95ms
62ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3ea61e287d96d4285dd1b1fc925113b2ee9299c16ba87938e239c2eef0b50e4d

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b19%3b56
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 17ms
14ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=46693973106
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Sat, 30 Oct 2021 05:58:15 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
155 B 36ms
33ms XHR
text/plain 104.22.54.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a62692f0d8c2157-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 14ms
14ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Sat, 30 Oct 2021 05:58:16 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
156 B 39ms
39ms XHR
text/plain 104.22.54.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a62692f0d902157-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
915 B 127ms
57ms XHR
application/json 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 18ms
18ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=45185007752
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Sat, 30 Oct 2021 05:58:15 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
18 B 46ms
33ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
133 B 195ms
195ms XHR
text/plain 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a62692f0a3421b1-DUS

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 99ms
66ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 51f0d835d45cb60ef05975a6a821914dc7521052f69101fb917842ff01917e49

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:15 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b25%3b81
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 8ms
8ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

314463b822c910210397d233970d33f292f26a5cdd90555a63d939c60d14d23a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 134bcfd1-2a62-44c7-bf6c-71a47bfaca8f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
375 B 9ms
9ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://thetruedefender.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 223ms
96ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sat, 30 Oct 2021 05:58:15 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://thetruedefender.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 9ms
9ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6f62819f977bb14f68194e30c6fbe81d163e00b528474a219c72ff77e7b90b42

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9f0eb311-84a3-4957-af0d-d02af6457842
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
tlgr.org/js/ Frame BD2C 94 KB
34 KB 196ms
196ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/jquery.min.js

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 03 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
tlgr.org/js/ Frame BD2C 96 KB
28 KB 168ms
167ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/jquery-ui.min.js

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 03 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK tgsticker.js Show response
tlgr.org/js/ Frame BD2C 14 KB
4 KB 159ms
109ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/tgsticker.js?24

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

7af53d7077c16f6ad9efd63a975749c4835ce6e495c337fa4176f15ed385f80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 03 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK widget-frame.js Show response
tlgr.org/js/ Frame BD2C 82 KB
20 KB 245ms
193ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/widget-frame.js?51

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

09255fc220032ea7ecb474d0b0b6daffccade6134caae15332892691465788f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 03 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK telegram-web.js Show response
tlgr.org/js/ Frame BD2C 11 KB
3 KB 163ms
111ms Script
application/javascript 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tlgr.org/js/telegram-web.js?10

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

0f661b180cb5ec06a2458d8be5c013a37abe06a0d446945709010132ca813d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 03 Nov 2021 05:58:16 GMT

GET
H2 200 lounge.0646e37a1d5797cdbecb18f0498b116a.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 64ms
8ms Other
text/css 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214056
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 25963
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 27 Oct 2021 17:58:29 GMT
server: nginx
etag: "61799345-656b"
content-type: text/css; charset=utf-8
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
expires: Thu, 27 Oct 2022 18:30:40 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: hjHcyunTtRksjfUv2URMQ2TkZo0FsqvfyWVP51avidI3JpIz69gzMw==
x-cache-hits: 0

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ 0
93 KB 68ms
13ms Other
application/javascript 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400366
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: DJVJ5xkA7QJdvXWvNhFjxsOVbf59FcvkqJ0wstXKuJ3CYzijaEXRRw==
x-cache-hits: 0

GET
H2 200 lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js
c.disquscdn.com/next/embed/ 0
119 KB 76ms
21ms Other
application/javascript 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214056
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 120652
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 27 Oct 2021 17:58:28 GMT
server: nginx
etag: "61799344-1d74c"
content-type: application/javascript; charset=utf-8
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
expires: Thu, 27 Oct 2022 18:30:40 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: EXAul2HPGqC-OypoDIC27zOZYHxm09PESTZ5AkPvrZ7jKdqkZSn5iA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
14 KB 41ms
6ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 11
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 13582
X-XSS-Protection: 1; mode=block

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 73ms
36ms Fetch
application/javascript 104.26.8.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73576
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txc3a8552075a2425d94848-00616d2a21
x-amz-id-2: txc3a8552075a2425d94848-00616d2a21
last-modified: Mon, 18 Oct 2021 08:01:50 GMT
server: cloudflare
etag: W/"cae476c264f28e37aca638d685ba55b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvVL5VybjIhLduuzHKE0j7ByjTTUtSRmKrglpcugPCmfzOYXsSE2j7R0YvGvmF53Ga9fwWEFi420QJA7dTddUt7clCv%2FFR%2BwSKkjTaDHs0CfSQFBk9FvzzWMjWvqXba9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1634544110326910
cf-ray: 6a62692fdc2a743b-LHR
access-control-allow-headers: Authorization

GET
H2 200 poweredby.png
assetscdn.pushengage.com/site_assets/img/ 1 KB
1 KB 46ms
7ms Image
image/png 13.224.193.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn.pushengage.com/site_assets/img/poweredby.png
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-64.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fc433d29c75ad01a8b659920e90e0e9cec6a29f64554b294f0b711531e95be0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 06:15:40 GMT
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
last-modified: Fri, 25 Sep 2020 09:48:13 GMT
server: AmazonS3
age: 85415
etag: "02aec77a0221b1cf0bee11ff572c74e3"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 1025
x-amz-cf-id: iYgfC7_10R1jWsSo-rdnxxqu_8Xh14bL9qX7YE38TMuuXMorGS7lDA==

GET
H2 200 ui.r2.js Show response
rumble.com/j/p/ Frame 9E03 68 KB
25 KB 103ms
102ms Script
application/javascript 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/j/p/ui.r2.js?_v=290

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vloy5t/?pub=4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cb677e5e49585993b23e98195084ba0673f7a3026338401dce3222dcf3690ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
last-modified: Wed, 20 Oct 2021 21:26:49 GMT
server: nginx
etag: W/"61708999-111af"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=31536000,immutable,stale-if-error=31536000,stale-while-revalidate=31536000
strict-transport-security: max-age=31536000;includeSubDomains;preload

GET
H2 200 7jWBc.OvCc-small-Durham-Probe-Targets-Obama-.jpg
sp.rmbl.ws/s8/1/7/j/W/B/ Frame 9E03 56 KB
56 KB 57ms
21ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.rmbl.ws/s8/1/7/j/W/B/7jWBc.OvCc-small-Durham-Probe-Targets-Obama-.jpg
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vloy5t/?pub=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: bf72cc35bf253ec2a22138d062eafdc067bd4f0de9c6233bfbceefa356d71b05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
last-modified: Wed, 27 Oct 2021 12:34:57 GMT
etag: "dfb6e1688aa50289fe2cd8f167046829"
x-hw: 1635573496.cds130.am5.hn,1635573496.cds283.am5.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=26724
accept-ranges: bytes
content-length: 57276

GET
H2 206 7jWBc.caa.mp4
sp.rmbl.ws/s8/2/7/j/W/B/ Frame 9E03 3 MB
0 57ms
25ms Media
video/mp4 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://sp.rmbl.ws/s8/2/7/j/W/B/7jWBc.caa.mp4?u=0&b=0
Requested by: Host: rumble.com
URL: https://rumble.com/embed/vloy5t/?pub=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
last-modified: Wed, 27 Oct 2021 13:00:50 GMT
access-control-allow-origin: *
etag: "9b51405c71f1ed6a7d47542db79052cd-50"
x-hw: 1635573496.cds130.am5.hn,1635573496.cds210.am5.c
content-type: video/mp4
Content-Range: bytes 0-256912520/256912521
cache-control: max-age=26216
accept-ranges: bytes
Content-Length: 256912521

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame C747 7 KB
4 KB 115ms
115ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dabbf2afa2b7f3f594724f61032c513ae98bd751f8dd337b7680c4ef4a603376

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Connection: keep-alive
Content-Length: 2945
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Fri, 29 Oct 2021 15:29:23 GMT
ETag: W/"lounge:view:8849713856.2a791578cc31c76c448a536b14ddc565.2"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
Date: Sat, 30 Oct 2021 05:58:16 GMT
Age: 2
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DFD1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

29ms
7ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Oct 2021 05:58:16 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Date: Sat, 30 Oct 2021 05:58:16 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame EDB9 31 KB
11 KB 460ms
9ms Script
application/x-javascript 2.16.186.107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Oct 2021 08:07:40 GMT
Server: AkamaiNetStorage
ETag: "0d7189fa1121540662ae60c7b7896c2f:1634717897.994352"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10406

GET
H2 200 lounge.load.476c68be0ef9b136177aa11ed8dc9365.js Show response
c.disquscdn.com/next/embed/ Frame C747 958 B
1 KB 74ms
6ms Script
application/javascript 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.476c68be0ef9b136177aa11ed8dc9365.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6db623175e53f8a8fbe0dd0b9ef38213bfffab51835c940b2ff705514b3bee9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214056
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 497
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 27 Oct 2021 17:58:28 GMT
server: nginx
etag: "61799344-1f1"
content-type: application/javascript; charset=utf-8
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
expires: Thu, 27 Oct 2022 18:30:40 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: JZggsMQPrzVpR6Xae1SiqGQMymOgOBKvp8UAloLumJi74W-4u5PrBg==
x-cache-hits: 0

GET
H2 200 plyr.css
cdnjs.cloudflare.com/ajax/libs/plyr/3.4.8/ Frame 5F6A 24 KB
4 KB 46ms
22ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.4.8/plyr.css

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b7448c22b34dae17fdace8778630f6e9bab3e826c1a1ca960284359ab453b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2745436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3554
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa4-5edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6040XXHIXsVKT3SuVXkQSAATuecYA6fdktmXHr1Li90jqwsuPp9vMhgK3BOEM3wlPNCGhk7zn4EiYfrRPpOBA%2Bp57kORVNvhsPfYRx%2BgxcCzkJJlsUUBc01ooZpn9HHMn06AZMSJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a6269314ec3715d-DUS
expires: Thu, 20 Oct 2022 05:58:16 GMT

GET
H2 200 embed.css
www.bitchute.com/static/v133/css/ Frame 5F6A 3 KB
1 KB 31ms
28ms Stylesheet
text/css 104.26.7.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v133/css/embed.css
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ac4e1992dbf1f7c3673ec6117c0132741d39982215d1af2bed6aa170698a524

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/vfV71S3H1YRi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1098
cf-polished: origSize=3658
last-modified: Wed, 29 Sep 2021 09:10:49 GMT
server: cloudflare
etag: W/"e4a-5cd1eb4d0c517-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCXz8v2hBgiMNEPlkww7PqZBNlEa3uOqC4OfaJ%2F%2FmJbCt6wTkltu11zQ7XvbPClPVuStuoL4jvVU0%2FKn25VDZ26UvII%2BgawHUhA%2FIiP%2By2UfRENnYZQaqNA3AOS3%2FvZt%2FkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6a6269312e827711-LHR
cf-bgj: minify

GET
H2 200 api.js Show response
www.bitchute.com/cdn-cgi/bm/cv/669835187/ Frame 5F6A 35 KB
9 KB 23ms
20ms Script
text/javascript 104.26.7.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitchute.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/vfV71S3H1YRi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gPn%2BX5f9TJmdSUHTcFwmPYO5%2BPrxPBDPWYlmyKJN894r3RzcZrk2P8WD8jjANhlIxnhWBKipLy%2BTWsnPno8f7BY2%2Fj2wEDkAHUxY5oCUlHBaSr%2BbUHwupViYi9fiE4TT1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6a6269312e8d7711-LHR

GET
H2 200 vfV71S3H1YRi_640x360.jpg
static-3.bitchute.com/live/cover_images/oACWZBJypqWf/ Frame 5F6A 37 KB
38 KB 54ms
9ms Image
image/jpeg 89.187.169.39
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-3.bitchute.com/live/cover_images/oACWZBJypqWf/vfV71S3H1YRi_640x360.jpg

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-39.cdn77.com

Software

BunnyCDN-DE1-755 /

Resource Hash

7136aa0fec48cb4c61588871b4a8feb2b121e20a1bbcdfb874a1053edaaa366d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
cdn-edgestorageid: 565
age: 0
cdn-cachedat: 10/27/2021 16:36:44
cdn-pullzone: 89010
content-length: 38317
x-amz-request-id: tx000000000000003d18e3b-00617963fc-82ef209-nyc3a
cache-control: public, max-age=31919000
server: BunnyCDN-DE1-755
last-modified: Wed, 27 Oct 2021 14:33:36 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: cd868a83-1d51-4455-8c6e-f6ed9fcd8eef
x-rgw-object-type: Normal
cdn-requestid: dc8a57a42e9abea2e954c18a5e328a77
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 5F6A 95 KB
30 KB 47ms
24ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 778272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30360
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJkFsrWxdLM5BPizGjvJNIYRyVhhnjM8gxTOxiKEW4mrUGtgQjPdhMbSh0iWrzQqobmjIfn%2BhMdhvMcDqgyJvfGHjwk9mwf9X24Ca%2F14G6WgX9TACkE74WOAjhqmlR1uenANc4Np"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a6269315ecf715d-DUS
expires: Thu, 20 Oct 2022 05:58:16 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ Frame 5F6A 4 KB
1 KB 33ms
7ms Script
text/javascript 151.101.65.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=es6,Array.prototype.includes,CustomEvent,Object.entries,Object.values,URL

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bitchute.com/
Origin: https://www.bitchute.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 3281766
detected-user-agent: Chrome/95.0.4638
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 926
referrer-policy: origin-when-cross-origin
last-modified: Tue, 21 Sep 2021 16:44:46 GMT
date: Sat, 30 Oct 2021 05:58:16 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/95.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 plyr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/plyr/3.4.8/ Frame 5F6A 96 KB
24 KB 47ms
25ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.4.8/plyr.min.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71e321cc2e604ec1fbbe76c0470d616f1e8bcc9a25e27ab8d7b0f07efa54f2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 826711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23866
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa4-17f39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPLCYfQpXw30E54HvUxhu%2FG%2BCT6dcyd06z%2BnvqxnitKo8AFwMzkT6LCswxMrZD7ID8RWaeFyxVp9oivZ%2FiVZb%2BfGH%2F08I1hHdIAL5qP6h0I%2BLd%2FkI4k8i7vh4KJCx3jUA5g2i%2B80"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a6269315ed0715d-DUS
expires: Thu, 20 Oct 2022 05:58:16 GMT

GET
H2 200 rangetouch.js Show response
www.bitchute.com/static/v133/js/third-party/ Frame 5F6A 2 KB
1 KB 33ms
30ms Script
application/javascript 104.26.7.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v133/js/third-party/rangetouch.js
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955adfc31846d7a5f3b397b90a83e22de43a5e68dfa15dbb93069462256920b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/vfV71S3H1YRi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1314
cf-polished: origSize=3126
last-modified: Wed, 29 Sep 2021 09:11:47 GMT
server: cloudflare
etag: W/"c36-5cd1eb840d5e9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rxCXiMbCeTODEmzt2ztUrYs6dA8yHUAp%2FnyxRaW6k0ktEq6iNrPwLW543zpzcUA7FCd9dp0so%2FSuRiGBg6cFaPOuuhbthI9u8k%2BpLrHFekkMLGgVJLuGcJJZDEmVl%2FRUD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6a6269312e887711-LHR
cf-bgj: minify

GET
H2 200 html-ratio-component.js Show response
www.bitchute.com/static/v133/js/third-party/ Frame 5F6A 1 KB
824 B 34ms
31ms Script
application/javascript 104.26.7.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v133/js/third-party/html-ratio-component.js
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f401eb40ec1fa797bc8afbac7c18519fa46894d8cd6927be908486988ce47da6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/vfV71S3H1YRi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1314
cf-polished: origSize=1882
last-modified: Wed, 29 Sep 2021 09:11:07 GMT
server: cloudflare
etag: W/"75a-5cd1eb5de2cac-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smGzl%2Bhw5ij1xw33vzNWIDCRvkH5j%2BoORARY5y1z%2BpnfeqeQKcjmlD3JxU9yaaawpKWxwEu5uW0D2J%2FUe%2FRhVE4Xs1qZQMgw4krVBYw89PzQ5E%2Bv0Garlbr6%2F8lpUlgsBiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6a6269312e897711-LHR
cf-bgj: minify

GET
H2 200 embed.js Show response
www.bitchute.com/static/v133/js/ Frame 5F6A 247 B
582 B 28ms
26ms Script
application/javascript 104.26.7.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v133/js/embed.js
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fef471c03efd044f419bec563ccab7f14415713b12d0d7a0ce711b8699b8f14f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/vfV71S3H1YRi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1098
cf-polished: origSize=375
last-modified: Wed, 29 Sep 2021 09:11:26 GMT
server: cloudflare
etag: W/"177-5cd1eb6ff74e2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx5v7XUtipBR65aPY4OZm91OWCmtnqiNSRruYQjG2z0dOlC3UtZSekJg%2Fha5L%2Bbf%2BtG6yn3ADee9Z16w2Upi0BZxNhF8QZ%2BthOwlPF8qq7qHRI3sdtTByDCyp2p%2Frh7Rrpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6a6269312e8b7711-LHR
cf-bgj: minify

GET
H3 200 gun.js Show response
cdn.jsdelivr.net/npm/gun/ Frame 5F6A 95 KB
32 KB 34ms
20ms Script
application/javascript 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/gun/gun.js

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.86.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f3cc49c0d71310a668cd7c3455de6dd9167a891e6e6ea8c8a0a33541373e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32990
x-jsd-version: 0.2020.1235
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19176-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"17a77-x/NHWx2bS9e1AY7Aa4eKr+Tbx94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6a6269313eb8715d-DUS

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9E03 48 KB
19 KB 15ms
14ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=290

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 7030
date: Sat, 30 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 30 Oct 2021 06:01:06 GMT

POST
H2 200 view...loy5t.1jr0903
rumble.com/l/ Frame 9E03 35 B
191 B 95ms
95ms Ping
image/gif 169.55.146.12
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://rumble.com/l/view...loy5t.1jr0903?p=2.3&r=90036748&ref=https%3A%2F%2Fthetruedefender.com%2F&gt=2

Requested by

Host: rumble.com
URL: https://rumble.com/j/p/ui.r2.js?_v=290

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.55.146.12 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

c.92.37a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 30 Oct 2021 05:58:16 GMT
server: nginx
strict-transport-security: max-age=31536000;includeSubDomains;preload
log-code: 3
content-type: image/gif

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9E03 370 KB
123 KB 80ms
29ms Script
text/javascript 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: rumble.com
URL: https://rumble.com/embed/vloy5t/?pub=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

sffe /

Resource Hash

4a095c4b655aa774d4b1eb479908d0aa5ce3482b701c4b25af75050e0fe85ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125402
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Sat, 30 Oct 2021 05:58:16 GMT

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js Show response
c.disquscdn.com/next/embed/ Frame C747 282 KB
93 KB 9ms
6ms Script
application/javascript 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.476c68be0ef9b136177aa11ed8dc9365.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400366
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: W36DNfFp0ukwnR77eD3wiYCMzACMKqacHzS-BuqAz70QtGVwnqraFA==
x-cache-hits: 0

GET
H/1.1 200
OK A1NkZLFDhSvy0HfxWAuqoEfWwdy8yImrFoCn8Iwlrf7HEXssbR4CnPHCU9jK7q1YhZaCbvuwjvJBSeTa68UX6K7cbGUsHQqeQpnNLnMhRQLt519p_lC_CoJR4d9HQ0-59wXdYOp7nBzQEU81ZQBw5audJkxWu_k77DcxQXALyYdgRvxTMSmVEhoe7cpXEJ64bs7mS...
cdn4.telesco.pe/file/ Frame BD2C 25 KB
26 KB 53ms
25ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/A1NkZLFDhSvy0HfxWAuqoEfWwdy8yImrFoCn8Iwlrf7HEXssbR4CnPHCU9jK7q1YhZaCbvuwjvJBSeTa68UX6K7cbGUsHQqeQpnNLnMhRQLt519p_lC_CoJR4d9HQ0-59wXdYOp7nBzQEU81ZQBw5audJkxWu_k77DcxQXALyYdgRvxTMSmVEhoe7cpXEJ64bs7mSCK6RqfxvnxQj5INtYgcmRSVDjI3h8Op_RuXiGMa57UHV1-GnpMSi8tZL2Qy-UvrAesBbN_vkSRXhldWKrUqlLqIX8ke9I5G2kh6P0z4MzUgxxo1x-0MfSRBHigkV2dpXHw0_GB3SijAdiRtYg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

94f088e3475b554ba46ffaf3f330a2e9135464e9c1f7540c648c033296e329eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 26094
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-26094, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
DATA 200
OK truncated
/ Frame BD2C 683 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK vISWSFBihItslmSbw2ESLtDBFKneBoS7rNYMfzyu95TqyXrRST4qdBvjlLGUG1_2fMEQWOOrU59gklG3S3DY2FJRVl5V-EpqssKXhGns1MPMX2LQwXSEpRaX0A5_rs1rr5bxinp76AnTHfcpLoZE2g5IC-UP60J_N-2PB34uyevTJnxMUVk_QnBKV9MMz-KfD-TSv...
cdn4.telesco.pe/file/ Frame BD2C 34 KB
35 KB 53ms
25ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/vISWSFBihItslmSbw2ESLtDBFKneBoS7rNYMfzyu95TqyXrRST4qdBvjlLGUG1_2fMEQWOOrU59gklG3S3DY2FJRVl5V-EpqssKXhGns1MPMX2LQwXSEpRaX0A5_rs1rr5bxinp76AnTHfcpLoZE2g5IC-UP60J_N-2PB34uyevTJnxMUVk_QnBKV9MMz-KfD-TSvZiT-bH8CXkZfuvklxmY66omoD8dDBfUztU0U4Le8Joafm7BdoLK8Ffv9gxPocCIXkUhTR7q1WSLjs-_uN1wwlHcWaXmT_LoCRuEkSZB5HDdxIiUzoVOj5Oys4M77pMIPGoPccSrTVDyEhYxQg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

de014373af5d1bd62d178353857b328568fc64855d56a73dbdffadeac6c969fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 34722
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.20.1
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK txHro8xm-zdFEDGQFZJLW7YNmb7oOg4vnEHfMSt3-7I7nqTREMotQAMiWPbPnplUFlxBYh_AoiyPNW_vyRb6a690ltgiv3XGVAvKa5CHoxPtFsXi6TFMsTZKXfpXlsy3Z4M8tNy2xyQ0eB8eaExzHLVfEaGWtfAh3-qSVCDL_jWonK7oxPORIogZE3agxym5m26As...
cdn4.telesco.pe/file/ Frame BD2C 48 KB
48 KB 53ms
26ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/txHro8xm-zdFEDGQFZJLW7YNmb7oOg4vnEHfMSt3-7I7nqTREMotQAMiWPbPnplUFlxBYh_AoiyPNW_vyRb6a690ltgiv3XGVAvKa5CHoxPtFsXi6TFMsTZKXfpXlsy3Z4M8tNy2xyQ0eB8eaExzHLVfEaGWtfAh3-qSVCDL_jWonK7oxPORIogZE3agxym5m26AsravR2TPcGwnHOKBPHWgMavU9-ZI118fgWnyllg_WZBdNF7C3ES0b6OLyp9A8-lVbazui2EZtioNpS-jFHoF7whlPWE1HnMSijT1xRjIBnS0CRXD4i5mu6unVZ6n-ZEEjdqjWTPODsyS7J8nmA.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

adfd15f58488deeed37d073631598f5a941d383be2c258aafeccd9583a92f64f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 48797
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-48797, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK IN-QtB2-QBBA5X6MdhfNLhHJPcTNrXj-1mQZLTlwfmmEZJ8XKNo8D8GaVjG8tqZPFFrv0Vuy-k1Pauoag1x-YjGvJHxwUe-BIR_eTKyJ4TNF7Slw1P7uyZfm0VzmWtpnd0Ae9oRSMc8PnIVqdLRlnKiFmGB4HqIUXngtKcTN8KYVCGLoZIBJ4k9vEupK_DMIRNHNd...
cdn4.telesco.pe/file/ Frame BD2C 58 KB
59 KB 53ms
26ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/IN-QtB2-QBBA5X6MdhfNLhHJPcTNrXj-1mQZLTlwfmmEZJ8XKNo8D8GaVjG8tqZPFFrv0Vuy-k1Pauoag1x-YjGvJHxwUe-BIR_eTKyJ4TNF7Slw1P7uyZfm0VzmWtpnd0Ae9oRSMc8PnIVqdLRlnKiFmGB4HqIUXngtKcTN8KYVCGLoZIBJ4k9vEupK_DMIRNHNdgzl9GC0c9HK8LZyb3j55_LjbxYrrZqD6EKbgWuH3G0npBm5Q1f91r5mb98JNvFwuyafIr00kU2N52ilcTgCNtUzHi7wdwXvfhiF7rX6jWuSPmUG6PgewlDQc8QqW_pNKvAvD7ogoXuA3BMjug.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9172d5b47aa6dd206cfadcb458e8458ef60101d364c327c4f51c98acd471220b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 59706
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-59706, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK WvjfIQyOtroVVl20blJSGCJU07Jh2JeyHFgXXNmIgm2qS5jKAftwaj0ES_5Iinwt1jrsEKG1w1nB6HPXYqObok7mLlAR2UF3t7CR7ZmjjPtlEb0_6bOR6jY1AR2neXydDgcaQejCglkVnmQhPgEZeD9rOrrET5zMM0HgreTF-fDuUygP8RH13Nkt50J8s8G30slpJ...
cdn4.telesco.pe/file/ Frame BD2C 135 KB
135 KB 35ms
19ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/WvjfIQyOtroVVl20blJSGCJU07Jh2JeyHFgXXNmIgm2qS5jKAftwaj0ES_5Iinwt1jrsEKG1w1nB6HPXYqObok7mLlAR2UF3t7CR7ZmjjPtlEb0_6bOR6jY1AR2neXydDgcaQejCglkVnmQhPgEZeD9rOrrET5zMM0HgreTF-fDuUygP8RH13Nkt50J8s8G30slpJKOQXH05fTYHaYUFsyyvWqnrkHTOU8h5uU5RXEnIk6GCC5nCAHKvF5aHiPv5IcfdTg87qXYi00GYyERVVW6ltnWUpKHCXY4xXp3SNyrU0bKkVoFPS-gQO1P8DGikC0ddsPWoRWzFuNXy9x7ggw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

f61e5ff2080ffa31128c0cd9654c834e6ed7a9c9b48e6a951dc952a9197b3591

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 137925
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-137925, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK CHlC0OIeRO0pGp020ZWfhNq0HdQ-S0UxXJDFuyqxmYfHUBX4VpOFCAixazuOpHepqcZo2181QJ-g1p8KXpKdaXnGYgLNfL6Ljnt9G3tUfTHDrE5-JevaqphEpRNceJ7wHm7yzAN98EgURri1GUe25yTpr7ywarwSpOHBcFXp_1eKiDsEUEJ_rr0AJJvTyNmW9vlmW...
cdn4.telesco.pe/file/ Frame BD2C 52 KB
52 KB 18ms
18ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/CHlC0OIeRO0pGp020ZWfhNq0HdQ-S0UxXJDFuyqxmYfHUBX4VpOFCAixazuOpHepqcZo2181QJ-g1p8KXpKdaXnGYgLNfL6Ljnt9G3tUfTHDrE5-JevaqphEpRNceJ7wHm7yzAN98EgURri1GUe25yTpr7ywarwSpOHBcFXp_1eKiDsEUEJ_rr0AJJvTyNmW9vlmWBGqRsVwsNK-00ZtWnnZ_htB7SnywXai8MtYbsM7QwctYeGjii-Rq1UPSapo4SpMvb3LbTiaz-qVzzvFFFlpSAMwhHGsW5NOyMnySqj0tVHuHaPHgC2TKnXEeFVKqgm6LlFNOQ5GQ1EyJoCvaw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

c1ecc4cb012b5af3e335e7a6b4e7b2ab36509738027eb06ef345e9b68591428f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 52743
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.20.1
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK sh5dKdoXn2xIB93ocQtzfK6RKiuxQRU4xTupki1XrMAVHXyDeuXQmLu23kN9IZwaKx_fsBpi9FlLYid5ASfU9NAXtFLCkCJvk42A7VL-jqqBbtIgINvUJCua8y_f_jEZB1jnrfFxlUvApXdINebMytjjulwtLh4hWbCh1LIfm4Wt-QhX-3uL1FGWWCQAI-EhM--8K...
cdn4.telesco.pe/file/ Frame BD2C 68 KB
68 KB 16ms
15ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/sh5dKdoXn2xIB93ocQtzfK6RKiuxQRU4xTupki1XrMAVHXyDeuXQmLu23kN9IZwaKx_fsBpi9FlLYid5ASfU9NAXtFLCkCJvk42A7VL-jqqBbtIgINvUJCua8y_f_jEZB1jnrfFxlUvApXdINebMytjjulwtLh4hWbCh1LIfm4Wt-QhX-3uL1FGWWCQAI-EhM--8KENUqenbXgLHkQWwHAwSn_71jaeEpHpnRN3Xouy6r31rMKKBlheZQRpRFSaslkuiDHRGzK9EDwqBOhdlyOa4VEF7jjwxPmLIq3xBbQKvGqDJdJHJJr4ayS-FKdtIP8dnuloNEWWDHt-FIhiHHg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

0d6abff276e1c0fab6e8d8a3557f85b0f7509b8c9c50286daa8b68a60b208a7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 69415
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-69415, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK A2_1zAsChOrD7CNzqxJ7_Db7-wLONS3TI1_qUZz9fAqVvYE8fCcNIo0jXWuG8n0TsK0jZfbEBKpqIkEMBq44kOC1ipRW7R4VASOXph4zSH7F-HSkYqmDTxBzeVc67KoYN8D8bf-t2FnvQHSDq4TPtNXmgURjiPImqq-2GmH1cfG-6j28ML7oH7cfh4BXuxHHn7tri...
cdn4.telesco.pe/file/ Frame BD2C 30 KB
31 KB 17ms
16ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/A2_1zAsChOrD7CNzqxJ7_Db7-wLONS3TI1_qUZz9fAqVvYE8fCcNIo0jXWuG8n0TsK0jZfbEBKpqIkEMBq44kOC1ipRW7R4VASOXph4zSH7F-HSkYqmDTxBzeVc67KoYN8D8bf-t2FnvQHSDq4TPtNXmgURjiPImqq-2GmH1cfG-6j28ML7oH7cfh4BXuxHHn7triQ6ZQJww9HIwOrS6R1nSQuJdn466WqrSPKQAxlVRel0J0-pVEHSIUWC89S-zOw8-JQifHckKT7jW1EZw2RdZA39_qGXwL6LlO74HhW_tglP2rFkKcYVX-7etAisZA58puxhto8pcbPLbp-BxQw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

aa0b71a0301e58c9d8274cdb1122da964d5f747b28093571f622d17efaa3d524

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 30726
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-30726, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK ST77v4SR9_gBUpkIihDl7BVgOGDNXk1T_VpU2Zh96SwXQFMfFkawX1mAHggltY0hDKpZqtAeG04SFdci-yG5g4xboJ1ww7aQDrYl0y8zApUdEmcWvBDLyJjyIqoyt5Dm8Qm6iNRCqNONGIw0s5J_WbsRyJntgctZZXTUHU54-S2qxveXOE-RAtZmwmh49RgUQEFSA...
cdn4.telesco.pe/file/ Frame BD2C 38 KB
38 KB 18ms
18ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/ST77v4SR9_gBUpkIihDl7BVgOGDNXk1T_VpU2Zh96SwXQFMfFkawX1mAHggltY0hDKpZqtAeG04SFdci-yG5g4xboJ1ww7aQDrYl0y8zApUdEmcWvBDLyJjyIqoyt5Dm8Qm6iNRCqNONGIw0s5J_WbsRyJntgctZZXTUHU54-S2qxveXOE-RAtZmwmh49RgUQEFSAGKCCu0GE1XEXXPZu-_dnFhGZU1h6YgOAkUtXf68aoE0ziiAvrqAxIlJsyhmluQsITp-KASDtWDAKqbqjgwTh_TeaYaXenjxP14GcKdWaelH5tZpzCrGqXztoqiWBm1NMBlAVxtHqGKPo8Pphw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

6e9994a2b8c1f0ee7db7822a016b81a0d2d7a32e35492f90d3051b17824c8bbe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 38578
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.20.1
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK rtty6MPKgotqSc7eq2mgbkkMedOtXD4Q85eyNDTZeV9ZpsuKS2zy8RKVGNLqRcdKmrzMLl9vGiSFSXLuVcAwqfvUauq5zgOl-vAHGiNG0UMsDR8mXkgxUJYfg7iqpd5S6twGnFiZFG6XABuXAHmCcoT0G2d0DGUILuLQVYzYYMvUB0AREHiwMqqImoSG77s8rANrn...
cdn4.telesco.pe/file/ Frame BD2C 43 KB
43 KB 17ms
17ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/rtty6MPKgotqSc7eq2mgbkkMedOtXD4Q85eyNDTZeV9ZpsuKS2zy8RKVGNLqRcdKmrzMLl9vGiSFSXLuVcAwqfvUauq5zgOl-vAHGiNG0UMsDR8mXkgxUJYfg7iqpd5S6twGnFiZFG6XABuXAHmCcoT0G2d0DGUILuLQVYzYYMvUB0AREHiwMqqImoSG77s8rANrno16RsWymaKmPChtv5zn6NGi8Vzz5VrKfR7VTb0DE-mfPYBvD6InuswuXKrBDevpwmrWDaP-9PuOLUtYr6K1Ucjl8lzM0iBgqhodjgq3hQKhCP4xGK3O5_jCupGGPteknu8w-DJf0DscivO_RQ.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

03dd0cd6265d032fc599e47d7b256576d50745f9e22fe67c698b49de311b5555

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43600
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-43600, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK DS4-dDyE337jzWb4bwQf_tbDSUe-cFTIrPhuB4-JDJGUV14kBG4QnruWjlg5sRaKwBhl28lht2hWRgmJB3To-O01p62X4ZBzC04HeUqoIjslavYwzohjaF930UPu4ZKRjHgK_pOfk52NZE1Az7KMLjZ8LEjglcfptgUyXAXZVPpl0pskKgF-w3j_sttN-MCdZxVft...
cdn4.telesco.pe/file/ Frame BD2C 54 KB
55 KB 16ms
16ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/DS4-dDyE337jzWb4bwQf_tbDSUe-cFTIrPhuB4-JDJGUV14kBG4QnruWjlg5sRaKwBhl28lht2hWRgmJB3To-O01p62X4ZBzC04HeUqoIjslavYwzohjaF930UPu4ZKRjHgK_pOfk52NZE1Az7KMLjZ8LEjglcfptgUyXAXZVPpl0pskKgF-w3j_sttN-MCdZxVftKXFxXx_plsea0KVS-ieTQKYV_g53QcXFWr_LEAEa0slL8B-d8DULHSP-020S2O3iSt0qk1DvKAPXXTac2T3dvGuNni3rCRbLpqx7c_D_46y7lVmdUgfulDmSulQSHFkpilN0BKILBsWzEWCcg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

8872065b236178a796879bd2e1b895da9e7a73105c04a65ee8d137a93eb2902a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 55686
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-55686, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK DCoY6JhYzvYK5rGDUulLQDnKsDw3kHlXf2uEgxdMDng93eguDpeW6cFQU0c5eVxCLBjFggANlyvbcHkwPEjEUWjYY6G3JsgU9Y7aWM2B398zaODgn-rSII9Ex-sVQceyZ9Q3W6rEc2fQ_XmGnSH4CX3D2SjhZyPqyxVY8Vck32RxlzYYO7zwyPcFCgfiR--6MiHAZ...
cdn4.telesco.pe/file/ Frame BD2C 19 KB
20 KB 21ms
20ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/DCoY6JhYzvYK5rGDUulLQDnKsDw3kHlXf2uEgxdMDng93eguDpeW6cFQU0c5eVxCLBjFggANlyvbcHkwPEjEUWjYY6G3JsgU9Y7aWM2B398zaODgn-rSII9Ex-sVQceyZ9Q3W6rEc2fQ_XmGnSH4CX3D2SjhZyPqyxVY8Vck32RxlzYYO7zwyPcFCgfiR--6MiHAZta_ag3U96JfiLq9THZ8uCg9n9XMk41hZ2saETmQ_5vblLGcb-bPIe-pKxFPCaUp31UDxOcQ1ST-rB2bZlbdxfCoLwpIPf1D_Rx-JNlTchEm8UDE7gQFyf1qr27wWmEDsICB9rF02PL8JiRTqA.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

c9d886450528dec3e352890d9a6b683c9a9d564451ea17bac85463e9c2819c0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 19346
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-19346, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK AnUM7LzfA2HPALrTDmOOZAytrKG5yYsB8vDnclXIR9igY-Sa7qzpYXyD8-GyIoxRQ8690us_ZMAHEHDxrjE4eXnQuOseYZO26_BmC7hAXgPDWyod3KZdHDcQ06SjHjr5bEIvmDtTKLKGWl4qHWleEK-a2lFHF4r_uCp9r-l14lgjKQ4vzK0_M5pxAx4pWvyqSHUag...
cdn4.telesco.pe/file/ Frame BD2C 72 KB
73 KB 19ms
18ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/AnUM7LzfA2HPALrTDmOOZAytrKG5yYsB8vDnclXIR9igY-Sa7qzpYXyD8-GyIoxRQ8690us_ZMAHEHDxrjE4eXnQuOseYZO26_BmC7hAXgPDWyod3KZdHDcQ06SjHjr5bEIvmDtTKLKGWl4qHWleEK-a2lFHF4r_uCp9r-l14lgjKQ4vzK0_M5pxAx4pWvyqSHUagPwWfqUnp7ljTE4p-c9vX21VZul9jJZARHksA5kR8SLj27OK5ZHa8Qh7wfJf_3MpCR4avAJ2Cyzi6vcAfbU1Wn7g9iYGwM3BDupw62eFHREcqnJ3ShWGUxsYEtm6ANV9zfQQTRYQPMHtgkam6Q.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

2d1db007682f0d690cbba8933d5b5746413bb47fee9c01b873d24a6260392c69

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 74134
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.20.1
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK Uw965D8xopPf6sni93M4q-O3iJo5KhZ63Y5GhmJ3WFVXNJDwhMTs2CWVNxtrVrLcE7hyQwBy0MT5bRJXPwW1mb7Z0p81kesHb8KGQRSi_TdXRWPUxl6DS7bh96Fk5mrk5QJ-fmkVT09Qnh52BImq-rT51PcQVSiHjVOm_ZX8qUuaxuEomtMHD3wN_FJkzsA1NQLnb...
cdn4.telesco.pe/file/ Frame BD2C 63 KB
64 KB 17ms
17ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/Uw965D8xopPf6sni93M4q-O3iJo5KhZ63Y5GhmJ3WFVXNJDwhMTs2CWVNxtrVrLcE7hyQwBy0MT5bRJXPwW1mb7Z0p81kesHb8KGQRSi_TdXRWPUxl6DS7bh96Fk5mrk5QJ-fmkVT09Qnh52BImq-rT51PcQVSiHjVOm_ZX8qUuaxuEomtMHD3wN_FJkzsA1NQLnbndhsq4jRoyLaOHZ5vlrAmkO0lFZg6Z-FE-piDus9ONoL_zc5AI0HIMu3kgT4MlTtluQrCleVqjxtobz5D12FLoEj15PBNRYHFbWZfE6a7SCY1YMFwPMBdRTNN5LLQ3ZIW6jTZP2Z_jJN5vzFg.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

fdf8bd974b24f687c634c1d30d47888a0c4343dde3badf48b62387a1e27d5219

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 64596
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-64596, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK B4b_cVA20GBmZOl-lJkmp1ZnivSIYUeBadpUmQ9bvnT2S1tAoBapZJxQe5v-wFwNyGNve9Lqjg_uh5tsdtm90dRAGJg9NeAuCHgZsgGjAY-FUrOu734TNtYVPBeJGwDQRt4vzRB0nVDihEkXsaip2w09WUkLmLeIHPjMmIzmd-23eVmj3jQnZbmP0-S326uqCagSQ...
cdn4.telesco.pe/file/ Frame BD2C 57 KB
57 KB 16ms
16ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/B4b_cVA20GBmZOl-lJkmp1ZnivSIYUeBadpUmQ9bvnT2S1tAoBapZJxQe5v-wFwNyGNve9Lqjg_uh5tsdtm90dRAGJg9NeAuCHgZsgGjAY-FUrOu734TNtYVPBeJGwDQRt4vzRB0nVDihEkXsaip2w09WUkLmLeIHPjMmIzmd-23eVmj3jQnZbmP0-S326uqCagSQCbob6Pgpj3jastvXfh4K-cpCC_HSY3PKDT6gPHFgKubj4-vVEqldwLnzhFbVNMaD92_Vcu_-23fPG9--Dve5t1iOon-wjAPBus_vi42fXnOZqGwpTmCONnYQ9t_gDV3bLbYloOcEYncjvG-1w.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

a9e584dd4afe0dd60d746e271448eca4d34fc85b6c695d9a287e6fcf4c11ed5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 57980
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-57980, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK qoQ09obmi8PjG3Seryh1ylX0bBrGJ7UGAc-Hy68gY7zV3_V2VP4cAll8CzJmeMaSUVtPWFxrzJUQMJb--s99UkCx-SkKUIKBy1Y_LjKFpRB8imJ3X7KwuZrkxWK_sYHeONqD603fUYA3TvE9LvcFq088NJfaCCd-eIulUpFjhjk8sf-7kh6nQd7FUlGdjFJMZ8ttN...
cdn4.telesco.pe/file/ Frame BD2C 40 KB
41 KB 18ms
17ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/qoQ09obmi8PjG3Seryh1ylX0bBrGJ7UGAc-Hy68gY7zV3_V2VP4cAll8CzJmeMaSUVtPWFxrzJUQMJb--s99UkCx-SkKUIKBy1Y_LjKFpRB8imJ3X7KwuZrkxWK_sYHeONqD603fUYA3TvE9LvcFq088NJfaCCd-eIulUpFjhjk8sf-7kh6nQd7FUlGdjFJMZ8ttN33pNOKf_K2WuR8JNHsXkL-iGChnyQEgkQcjJUy_qmTXJ5yLBRbOL4Jgh14YHgtFWM4IybrAfxkWk28AByv1-qPqP79DVJpRTD-KFbGu0Erc-IP8m_8A3dB3l_LhZYBgjShW0tm7AAs4rA1BGw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

686af60894c770eb143b39f507d8ddd65d9ad2d86e458893fa7dcc3759ebc49f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 41222
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-41222, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK GFEiGrGVvzic2c1y8ueBSEkNGLBsnqMnmsl1z88-57peKYTQdjGSMUgRpPXLim6wKyO8fcQFbDTrWRqaoKNvTHk652JRWOP7BTXya192dc7EMO3LgmKQurvFOtqpzljrhNUJn393wXJe-2_Eo3BP01mcPYXm7Cm24d6RsPKOYFbZiJ3MWhwZuy0ZKadlIW4Bu54Y6...
cdn4.telesco.pe/file/ Frame BD2C 28 KB
29 KB 17ms
17ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/GFEiGrGVvzic2c1y8ueBSEkNGLBsnqMnmsl1z88-57peKYTQdjGSMUgRpPXLim6wKyO8fcQFbDTrWRqaoKNvTHk652JRWOP7BTXya192dc7EMO3LgmKQurvFOtqpzljrhNUJn393wXJe-2_Eo3BP01mcPYXm7Cm24d6RsPKOYFbZiJ3MWhwZuy0ZKadlIW4Bu54Y6F5kjEJroFHoUcV-uGVo-TlWyi8zsfWH6WCnh99sawnb7RdBPEfH7FvquDSsXIN20hHlLwEH5bN6bfGRuav1UKTgiWPyY2HptlE2Yinq5hNM50KQ8gR4haC0iKu5uQ8PcVP22LMABmQyVweRYw.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

0e233a554f50421377565fea9b207129fa604f01ce24ef4ef9051578d4dee6c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 28744
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-28744, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK be5j0_pI-9p33e-HbBWmcuiI2taeIcyBT6SEeOpOeCvY1Pp_kgAKsMpIyBLIlBeDrIDl89OOpMsBKsS9_yEFlxCOo6_qJ0Dqi-1bWfbq5WXYwrkv237ATlZCCHomaO4zSNyqYTCWR60ej4qCoz1AAHNwaZCPvJqWwYhHBYPorFsoocErSYUVgcEQosOfILsWViWKF...
cdn4.telesco.pe/file/ Frame BD2C 36 KB
36 KB 17ms
16ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/be5j0_pI-9p33e-HbBWmcuiI2taeIcyBT6SEeOpOeCvY1Pp_kgAKsMpIyBLIlBeDrIDl89OOpMsBKsS9_yEFlxCOo6_qJ0Dqi-1bWfbq5WXYwrkv237ATlZCCHomaO4zSNyqYTCWR60ej4qCoz1AAHNwaZCPvJqWwYhHBYPorFsoocErSYUVgcEQosOfILsWViWKFV256QVUnRHW2H-hi8UvM-lP76uHlB3Lo_CQHwRWvyMX1fb4Al9nOAyUkTk22SHPaAkhJr-48uzD3wTgFCRmfUCsAxEFySmQPimputlPXOzDRGyoM6Zn-xRW0N3Wh1jfbaqNaxzMirhntXKb1w.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

77ac89f0c9b8aa5a9add22b08e86557b10af6fce78ca34298ea9a14fab792e8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 36558
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-36558, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK YT3rl4mBChmYMeryBE4FL_YeUEKp2kXIu2I9xtF0btKWM6kfjJiHjhm_VYkrdsr4mez1DJfNx3zR-FzD3jkQtlXbsz7FTFBpsHWZ_qoYb1mZnEsd8Gf5kZXMsk0VWFDePwEvGBMXg02z2VWDOO2pkvV4ySBObAPRghwmfGfl8VMeYRlDzxHo7gecSG4iP_T5PkYyD...
cdn4.telesco.pe/file/ Frame BD2C 50 KB
50 KB 18ms
18ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/YT3rl4mBChmYMeryBE4FL_YeUEKp2kXIu2I9xtF0btKWM6kfjJiHjhm_VYkrdsr4mez1DJfNx3zR-FzD3jkQtlXbsz7FTFBpsHWZ_qoYb1mZnEsd8Gf5kZXMsk0VWFDePwEvGBMXg02z2VWDOO2pkvV4ySBObAPRghwmfGfl8VMeYRlDzxHo7gecSG4iP_T5PkYyDGadIJqk5HXW6tdtTOhm0ghRXgNgDlOwELnDYIOS6vT88p30JP0MVhmx4W1mE00ZSdj0FiqBioXG04h-s4bkREakNLZG_xTiY6yoGqiWYB028MvOuGF8RyuAZUhKd9DIY8akqJEJFdBv43bL6A.jpg

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

772ac5fcda6bcfb66e88d1a4762578b28138903695eba4a18dbed086da9a0f4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 50962
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: 0-50962, bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK jKhxTIyFnVBFmAP4JBWySMt6VfGIijlmwHi4sEzbDTM4cp6d81W4xeSucHC_7mW-A1iaHrFy0VQ4EuYTQoowfqfQIYN_QrGsTHaiq2aq2kkl6Dt8S0iPfBY45FgV-txpQ3igQY9idY9WkAN0op7Da8Kz6M0g3_x1rXlx19S5QRERk4xV6uctgeimPvzhAaxA2mgJ5...
cdn4.telesco.pe/file/ Frame BD2C 11 KB
12 KB 15ms
15ms Image
image/jpeg 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn4.telesco.pe/file/jKhxTIyFnVBFmAP4JBWySMt6VfGIijlmwHi4sEzbDTM4cp6d81W4xeSucHC_7mW-A1iaHrFy0VQ4EuYTQoowfqfQIYN_QrGsTHaiq2aq2kkl6Dt8S0iPfBY45FgV-txpQ3igQY9idY9WkAN0op7Da8Kz6M0g3_x1rXlx19S5QRERk4xV6uctgeimPvzhAaxA2mgJ5g3r3ZBXqFrv_QgsacBJ1WLhPHXlod7YG72W_JCFfN7D8vhVOjaWLtw-HmeEel4CPWiU20LUXMizeTNEX_QckOj_SQvnN2CXTxdJAwWCraS2EbRzCr-44pOH4Adw5xbjsG2yt5WsZoVz-d3Pig

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

e398cbb1a7046979a4b013dee4492ec9da7559e7275f8933033a632ce3dc90a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Security-Policy: default-src 'none'; sandbox
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 11697
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.20.1
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Frame-Options: DENY
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
DATA 200
OK truncated
/ Frame BD2C 496 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f48401d810df54d8c06bd7a85a69b65e5403bab8dcb8d7e919f3d31247e5460

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK F09F998F.png
tlgr.org/img/emoji/40/ Frame BD2C 2 KB
2 KB 108ms
105ms Image
image/png 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tlgr.org/img/emoji/40/F09F998F.png

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

2eee814cf1ce6d4f84ed9e5b4a34b61f13e58bfdeb0d2b4a40263416bfb1cac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: image/png
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 03 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK F09F9894.png
tlgr.org/img/emoji/40/ Frame BD2C 3 KB
3 KB 161ms
110ms Image
image/png 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tlgr.org/img/emoji/40/F09F9894.png

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

167ca6c0f975c641b52d61bbceb0e83bc0ad69f2edd409002fc191f721f9326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: image/png
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 03 Nov 2021 05:58:16 GMT

GET
H/1.1 200
OK E29D97.png
tlgr.org/img/emoji/40/ Frame BD2C 684 B
1 KB 109ms
108ms Image
image/png 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tlgr.org/img/emoji/40/E29D97.png

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

81003b15fc9afb795bfb737fb5e8f6bbb65ba6c530ed9bc16475690fe11dda1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xn--r1a.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type: image/png
Cache-Control: max-age=345600
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 03 Nov 2021 05:58:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BD2C 15 KB
16 KB 49ms
13ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--r1a.website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 390639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 25 Oct 2022 17:27:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame BD2C 16 KB
16 KB 62ms
26ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xn--r1a.website
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:58:25 GMT
x-content-type-options: nosniff
age: 75591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 08:58:25 GMT

GET
H/1.1 206
Partial Content 1a043e541f.mp4
cdn4.telesco.pe/file/ Frame BD2C 64 KB
0 28ms
27ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn4.telesco.pe/file/1a043e541f.mp4?token=q7CAz9EAf4p2psnG6SKeND4wRm3OIhktPERDs6vbXStuP84faBugl9LiOxxDLi_UKOPBAXuJmuKUaLywZTRVbyTItVz6VCGWUFqLbOUuwhGojjqTYyppq_o2AwbZT8AmOhnw_O1V2gI6gA3t6HZCdvGPcFImRoJvqEg-HOV28GBdqd50lCMj4mjzoVGAhk8vBAfuT1F1GXiivd-BzADkE7mk6bsffQ4MFczl8o_Ys_uNIf8JkzbzXmbEb3KmCLQMDX5XhQJMMwuE3Cay05y68ykkf6qmK92boNI8rgwCWpq0tHu_bhyDVe42zNDpK1KR-pEMCoglUohBtHXyh7WCCw

Requested by

Host: xn--r1a.website
URL: https://xn--r1a.website/s/TheTrueDefender

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 0-4421905/4421906
Connection: keep-alive
Content-Length: 4421906
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Accept-Ranges: 0-4421906
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H2 200 plyr-20180117.svg
www.bitchute.com/static/v133/images/ Frame 5F6A 5 KB
2 KB 32ms
32ms Other
image/svg+xml 104.26.7.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/static/v133/images/plyr-20180117.svg
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/plyr/3.4.8/plyr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc03fffd12e99785f346aaa00ceaba983531923dcb461971fe0e8a59bbfecab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.bitchute.com/embed/vfV71S3H1YRi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 09:10:49 GMT
server: cloudflare
age: 1299
etag: W/"137d-5cd1eb4d11337"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JzXT3jbAIPIJtYUBHpDtqSrPJsHJ%2BwOl0xfgYiF%2FnCeH5PZ52fNbtrbUc6HzQqIJ3VGhwQDFe28GzLkCnrY9mFDkA%2B13qrPq29yB7dpSmoCuzskGjaEmr6qos9pn%2FBgfQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a626931df3a7711-LHR

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DFD1 31 KB
10 KB 7ms
7ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6a6eff7272461a487603a4b3dec6e9a690a86f10f520312f2d51ab12cf15aaa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 15:56:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37968
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9396
Expires: Sat, 30 Oct 2021 16:31:04 GMT

GET
H/1.1 206
Partial Content vfV71S3H1YRi.mp4
seed125.bitchute.com/oACWZBJypqWf/ Frame 5F6A 31 KB
0 548ms
258ms Media
video/mp4 192.187.114.18
NOCIX

General

Check archive.org

Show headers Download Go to

Full URL: https://seed125.bitchute.com/oACWZBJypqWf/vfV71S3H1YRi.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.187.114.18 Kansas City, United States, ASN33387 (NOCIX, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD, GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-77315736/77315737
Access-Control-Allow_Credentials: true, true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 77315737

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ Frame 5F6A 4 KB
969 B 9ms
7ms Other
text/javascript 151.101.65.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=es6,Array.prototype.includes,CustomEvent,Object.entries,Object.values,URL

Requested by

Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bitchute.com/
Origin: https://www.bitchute.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 3281766
detected-user-agent: Chrome/95.0.4638
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 926
referrer-policy: origin-when-cross-origin
last-modified: Tue, 21 Sep 2021 16:44:46 GMT
date: Sat, 30 Oct 2021 05:58:16 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/95.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 206
Partial Content vfV71S3H1YRi.mp4
seed125.bitchute.com/oACWZBJypqWf/ Frame 5F6A 47 KB
0 789ms
279ms Media
video/mp4 192.187.114.18
NOCIX

General

Check archive.org

Show headers Download Go to

Full URL: https://seed125.bitchute.com/oACWZBJypqWf/vfV71S3H1YRi.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.187.114.18 Kansas City, United States, ASN33387 (NOCIX, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD, GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 0-77315736/77315737
Access-Control-Allow_Credentials: true, true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 77315737

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
18 B 35ms
35ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
server: nginx
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
accept-ch-lifetime: 604800
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
36 B 323ms
322ms XHR
text/plain 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a6269325ccb21b1-DUS

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 15ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Sat, 30 Oct 2021 05:58:16 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 16ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=966567585
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
date: Sat, 30 Oct 2021 05:58:16 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 884 B
2 KB 141ms
140ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3ba80f171167409c8894b29dfbfbee5e0b64541f7c5f7e67afdb7462c15245fc

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 6%3b21%3b76
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 88ms
88ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

66261e6ebf20403bd76cca78f414c521e029189fc52944cbcc43ed81e125a487

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 34af9bbd-d00e-4880-bfd9-1361a6ac9df6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 13ms
13ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c8bf945a02f2bf6cef32c4f374002f9b84ae30f22dc325f4584e69929a28413

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ad29a23c-1474-42cc-b3d2-dbd7ad809ff2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://thetruedefender.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
309 B 58ms
57ms XHR
application/json 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H3 204 v2 Show response
i.connectad.io/api/ 0
367 B 52ms
39ms XHR
text/plain 104.22.54.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.54.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6a6269327e1b716f-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 bid-request Show response
rtb.adpone.com/ 770 B
705 B 41ms
40ms XHR
application/json 104.26.10.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=1217251311622&gdpr_applies=false&consentString=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe74af159a0caf3b676f2010227660348ac0467ec67266db574129602c00ee7c

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dot93pSM3%2FPrzK4TSduefBIJBz9iGe%2FoFrgEKpGQi0d1gQxB5yaAbgd7Gfqkdquul4lnqa2iw6WC0T%2F8LZDRrY888Q3ur0Za9ySlna9aRu9Ck%2FqeoUQlu%2FhqvhTvmjc"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://thetruedefender.com
access-control-allow-credentials: true
cf-ray: 6a6269326ae07774-LHR

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
375 B 9ms
8ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://thetruedefender.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 386ms
386ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sat, 30 Oct 2021 05:58:15 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://thetruedefender.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

GET
H2 200 lounge.0646e37a1d5797cdbecb18f0498b116a.css
c.disquscdn.com/next/embed/styles/ Frame C747 163 KB
26 KB 10ms
10ms Stylesheet
text/css 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

2592b4e46e8af0af3a6d226a426ab1eeff99edd04bc7d064317f0c01717df7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214056
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 25963
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 27 Oct 2021 17:58:29 GMT
server: nginx
etag: "61799345-656b"
content-type: text/css; charset=utf-8
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
expires: Thu, 27 Oct 2022 18:30:40 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: O_vDVoL-glGjtcnwmSSlcZcBuW20zTXJx9M3hb9so7POcANguA3GpQ==
x-cache-hits: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame DFD1 284 B
536 B 696ms
170ms Image
image/jpg 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/jpg

GET
H2 200 bridge3.486.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8C52 578 KB
190 KB 314ms
13ms Document
text/html 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.486.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

sffe /

Resource Hash

5e8c2a07175788df50b2ce8963f1f28fb6d0f88d26438f10b9575e99f9f4c020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194260
date: Fri, 29 Oct 2021 01:55:39 GMT
expires: Sat, 29 Oct 2022 01:55:39 GMT
last-modified: Mon, 25 Oct 2021 15:31:24 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 100958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 9E03 44 KB
17 KB 98ms
28ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Oct 2021 05:58:16 GMT

GET
H2 200 lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js Show response
c.disquscdn.com/next/embed/ Frame C747 468 KB
119 KB 30ms
29ms Script
application/javascript 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.9cfe6ad219e0358b590e898d09d5f231.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

e856293f0bfd6bee2a808701afc266d9b70995c66fed88a78583a304c1a67a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:30:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214056
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 120652
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 27 Oct 2021 17:58:28 GMT
server: nginx
etag: "61799344-1d74c"
content-type: application/javascript; charset=utf-8
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
expires: Thu, 27 Oct 2022 18:30:40 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: FVKYfM8ltDNMcLnBxfg8rkwjFcupc7uLIroAGDLWgNQfHIDsRUJKfA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame C747 13 KB
14 KB 20ms
20ms Script
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bf7cf40cac4303c84fe1f2023fd8905b9b6e91fc6d37d1b50d12acd3e418ad5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 12
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 13582
X-XSS-Protection: 1; mode=block

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame A19B 45 KB
17 KB 68ms
23ms Script
text/javascript 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/14447308783736934?pubid=ld-14447308783736934&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=1560

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 819
date: Sat, 30 Oct 2021 05:44:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 30 Oct 2021 07:44:37 GMT

POST
H2 204 result Show response
www.bitchute.com/cdn-cgi/bm/cv/ Frame 5F6A 0
617 B 23ms
22ms XHR
text/plain 104.26.7.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitchute.com/cdn-cgi/bm/cv/result?req_id=6a62692ddb737711
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bitchute.com/embed/vfV71S3H1YRi/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 30 Oct 2021 05:58:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a62693328647711-LHR
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSzVKHeNlMaKk4hSRDukCa%2Fbj33ZFrtm7TMxqmn0aSMOV4N4b56ukAHN0EraEJKAF%2Fp%2FkrBJ0alp%2BwVuSqkrswKGbyr8fSXGw3FRh4%2B4FVBG38Y63OSMjgSJEVd7t8n7%2FPc%3D"}],"group":"cf-nel","max_age":604800}

POST
H/1.1 200
OK / Show response
xn--r1a.website/v/ Frame BD2C 4 B
491 B 167ms
167ms XHR
application/json 95.216.186.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xn--r1a.website/v/

Requested by

Host: tlgr.org
URL: https://tlgr.org/js/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.216.186.40 , Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.40.186.216.95.clients.your-server.de

Software

nginx /

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=35768000

Request headers

Accept: */*
Referer: https://xn--r1a.website/s/TheTrueDefender
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:17 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=35768000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: no-store
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 206
Partial Content 1a043e541f.mp4
cdn4.telesco.pe/file/ Frame BD2C 94 KB
95 KB 53ms
53ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

1b17315b5684f9fa9c0bee84f5b6ced06466ca0d841ed483d7356bbc707091b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=4325376-

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 4325376-4421905/4421906
Connection: keep-alive
Content-Length: 96530
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: nginx/1.18.0
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Accept-Ranges: 0-4421906
Expires: Mon, 29 Nov 2021 05:58:16 GMT

GET
H2 200 778edbd1cdba22f94f7adb8d0dd2ce5c2e01139bd16028b0f5c72759f052259b_small
cdn1.lockerdomecdn.com/uploads/ Frame A810 26 KB
26 KB 15ms
15ms Image
image/jpeg 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/778edbd1cdba22f94f7adb8d0dd2ce5c2e01139bd16028b0f5c72759f052259b_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 308b928d2ceac604566e6a11088dcc8e3793fd62299a80490389cd2f08480482

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Zcv69voWy44Bj4aIOTBYoy7n75BE6chc
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Thu, 19 Dec 2019 17:46:51 GMT
server: AmazonS3
age: 12323
etag: "4f437f604b605154865ca159a56f111c"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Sat, 30 Oct 2021 02:32:54 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 26373
x-amz-cf-id: i1aoPWXxZOruIffiRRo86ePZWFSmu8wCV76t3l_kvwAZKJyYm_OejA==

GET
H2 200 3ea1c2dc137ba771a820674acbebf98e980fb920514c0127c253603ae7b514a1_small
cdn1.lockerdomecdn.com/uploads/ Frame A810 12 KB
12 KB 14ms
14ms Image
image/jpeg 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/3ea1c2dc137ba771a820674acbebf98e980fb920514c0127c253603ae7b514a1_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81e375d0dbe921a0b97df2e0ce9303883ac52cd7d11134c0ff990476a11785be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: SGI5m2jX8kiDBhrys1PXoTvO2Re8s9fH
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 22:50:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "6659eec1275eb61851c93251b43d9f85"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Sat, 30 Oct 2021 05:58:16 GMT
accept-ranges: bytes
content-length: 12050
x-amz-cf-id: wA9JunyOgAJ4H-Tx-x9E9YD0Ipi1kM8nSGalQAXG4SneosdQu-vBNw==

GET
H2 200 a1dcc1086cc5ac944cf46f2355634fed0af3b8d4fa9b2fea686c2dd44a7f022a_small
cdn1.lockerdomecdn.com/uploads/ Frame 9AB0 9 KB
9 KB 10ms
9ms Image
image/jpeg 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/a1dcc1086cc5ac944cf46f2355634fed0af3b8d4fa9b2fea686c2dd44a7f022a_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb4a1f3ee21a4afb5dddfeab9e394e7721f1e1601f4ae31b4c3933a0900bfeed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 9.q0fKo3GmqMKG4PxHDlM2PEr8g7FHyA
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 22:43:16 GMT
server: AmazonS3
age: 85165
etag: "faaf3d6088262b1947c4e8dcc830da70"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Fri, 29 Oct 2021 06:18:52 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8754
x-amz-cf-id: Cnh1V-bmj641Ydd3G9f5qXi0G-U1sahTSkvQPZibadtHGOxM6wqbkQ==

GET
H2 200 eb22aa4aea3ce4aff60e13b218b0af8703f5b5064353562c7e31a8ca8c5d2585_small
cdn1.lockerdomecdn.com/uploads/ Frame 9AB0 15 KB
15 KB 16ms
16ms Image
image/jpeg 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/eb22aa4aea3ce4aff60e13b218b0af8703f5b5064353562c7e31a8ca8c5d2585_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acf9bb4baad4e6bf5f69a97be5ded927541bc1e961da5bb21f68022792a03ddd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: PodUAUuiJTamNJkP6m4WT1IY77bVcqix
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Fri, 22 Jan 2021 21:23:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "110de9b4dd1d05fa5598c29932bf002e"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Sat, 30 Oct 2021 05:58:16 GMT
accept-ranges: bytes
content-length: 15060
x-amz-cf-id: xnvxjZ4eE7LLZxKEMw8kOXaE4qUAX7a96eVArMQrbpxZqt-u-S2n3w==

GET
H2 200 568b3c190fd9e72d90e5ee917f8d57c2a70bc7d913f8da346b89a6d7fe75701b_small
cdn1.lockerdomecdn.com/uploads/ Frame 9AB0 26 KB
27 KB 18ms
18ms Image
image/jpeg 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/568b3c190fd9e72d90e5ee917f8d57c2a70bc7d913f8da346b89a6d7fe75701b_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5a6a57da6d42bc51b1d27b9ed426362fb020761b3a8724f9e65f632cbd93208

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: PDOK4w0I3TcMVTqnDVI2Rz178dn7iTlf
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Fri, 30 Apr 2021 15:39:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "c4e3023839212ff2ef7950371406902f"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Sat, 30 Oct 2021 05:58:16 GMT
accept-ranges: bytes
content-length: 26867
x-amz-cf-id: 7ixpSlVFxXqKLplx57Mp2PtK8hGW8bnT8kq1BR8IaCPiJcWHhBUdjw==

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame A810 45 KB
17 KB 47ms
23ms Script
text/javascript 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/13997836195017830?pubid=ld-5318-880&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 819
date: Sat, 30 Oct 2021 05:44:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 30 Oct 2021 07:44:37 GMT

GET
H3 200 dc.js Show response
stats.g.doubleclick.net/ Frame 9AB0 45 KB
17 KB 44ms
24ms Script
text/javascript 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 819
date: Sat, 30 Oct 2021 05:44:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 30 Oct 2021 07:44:37 GMT

GET
H2 200 ed58d6b61a9b447bf3ae8fcf0604e6ad886e0391764d3dd45d9ae2873c115372_small
cdn1.lockerdomecdn.com/uploads/ Frame 9AB0 11 KB
11 KB 9ms
8ms Image
image/jpeg 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/ed58d6b61a9b447bf3ae8fcf0604e6ad886e0391764d3dd45d9ae2873c115372_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5948de9b0c489838ac88cf9982a457fff4a5cc216c7878018699cd118f2d7869

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ujYbd.t2yIXFlkHvt0yhvTMOEbd0OiDJ
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Wed, 21 Jul 2021 17:52:55 GMT
server: AmazonS3
age: 60687
etag: "960e1d3130b3eb8c4dbcf41bbf4a7768"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Fri, 29 Oct 2021 13:06:50 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 11174
x-amz-cf-id: xpUUgjAdK9wDG2KJyhcqnWy_-X7Jvhg026-abwpNEnv4yPnfEQBE5g==

GET
H2 200 c0c58a022f379c5d4b1e1baa75a954752cc7fc1ee44713e5b3bea964869d5301_small
cdn1.lockerdomecdn.com/uploads/ Frame 9AB0 11 KB
12 KB 12ms
11ms Image
image/jpeg 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/c0c58a022f379c5d4b1e1baa75a954752cc7fc1ee44713e5b3bea964869d5301_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf0d2935d85b8cc0f4e04af34e81e3ea8a7c96cb06e52eff243dfed652c60527

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pzCKFnDtZKLKFpExKnNzZA3CBVaCps.d
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Fri, 26 Feb 2021 19:35:51 GMT
server: AmazonS3
age: 14903
etag: "e6f6651456f5ecf1c4108ca5bee471ee"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Sat, 30 Oct 2021 01:49:54 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 11662
x-amz-cf-id: UDkHbrW8zDddqyRikTAm075IBP8qDcCLqNfa8_rqh5AXCsMj_TALEA==

GET
H2 200 ab1d550f6d2f384f618fb6f2e0735e924a2b99347c80624dd9e118cf0a9f1779_small
cdn1.lockerdomecdn.com/uploads/ Frame 9AB0 15 KB
16 KB 9ms
9ms Image
image/jpeg 143.204.98.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/ab1d550f6d2f384f618fb6f2e0735e924a2b99347c80624dd9e118cf0a9f1779_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009642120598886?pubid=ld-7836-312&pubo=https%3A%2F%2Fthetruedefender.com&rid=&width=720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-58.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9eb0966044e1a32b51fcd3d2f2cb7dc9d2ca0c865ab20c5001f87510791387e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: ow5sB6w97PT_0_FjW1bH5bRbBX99J8DH
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Fri, 06 Mar 2020 21:09:06 GMT
server: AmazonS3
age: 16408
etag: "3487262b15ed786e0fe5c807b45f0b91"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Sat, 30 Oct 2021 01:24:49 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 15734
x-amz-cf-id: PX2tzq-DObPds-J6wo6t4CwVfUcgekYZk7kwcGFkU5mQ9RUiHFY6XQ==

GET
DATA 200
OK truncated Show response
/ Frame A810 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 421bc6141125161536d3bc2a4b15f32f200f2340eced972d73db955b193e0172

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ Frame 9AB0 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5dfc42945398d8f7a707ddd2154e3357535638f7f71cc4c59760111909acb95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame C747 3 KB
4 KB 109ms
109ms XHR
application/json 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=thetruedefender-com&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2414cfaa22a8bfa4294324bc0e1e9e9fb193a6f310149502eebf0151c81d1c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3392
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 022A 531 B
811 B 106ms
7ms Document
text/html 2.16.186.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22449904201728267803%22%2c%22adomain%22%3a%22kaspersky.de%22%2c%22page%22%3a%221366485%22%2c%22format%22%3a%2289189%22%2c%22crid%22%3a%227515751%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2213088%22%2c%22cid%22%3a%22746345%22%2c%22adid%22%3a%227515751%22%2c%22hash%22%3a%228688035902788523009%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.82 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-82.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage
Content-Length: 531
Date: Sat, 30 Oct 2021 05:58:17 GMT
Connection: keep-alive

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame A65B 5 KB
3 KB 76ms
34ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvWm1VNVpqYzFPR0l0TlRKbU1pMWlZbVpoTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3NTYxMDE3ODMwNzk3MTc4NjIvNzUxNTc1MS81NjM3MjU0LzM5L1FkTjZKNzZubEx6NWE0YVdac2lYZ0RFX0VUa0pqMWxYNGVBUkFUd1FiVlEvMS8xMDAwLzAvMC8xMTgzNDc3LzM2MzI0OTIzMDkvMjM0NDk1Lzc0NjM0NS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8xMDQvNDIwODQ5LzAvMC8yNzU2MTAxNzgzMDc5NzE3ODYyL3pyaC8wLzIwMDYvMzMvOTk5LzMyMi8yMTYuMTMxLjExMS4wLzAuMDAwLzE2MzU1NzM0OTYvMTYzNTU4NjA5Ni8xMDAwLzIwNzkv/8d3NMb0GyLnCxtCu5tLGefRngw8&nodeid=2636&group=zrh&auctionid=2756101783079717862&shardkey=2756101783079717862&sid=5637254&cid=7515751&price=0.036549&bp=a_adgfej&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.67
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.207.1 /
Resource Hash: 6c49d8154072e54c0b85a7d278ede74960698311e5fe19d7924a91a337ad665e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1635573496
Last-Modified: Sat, 30 Oct 2021 05:58:16 GMT
Server: MMBD/3.207.1
x-mm-latency: 18 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x43, zrh-bidder-x150
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Sat, 30 Oct 2021 05:58:16 GMT

GET
H/1.1 200
OK aip
itx4.smartadserver.com/h/ Frame A65B 43 B
436 B 53ms
19ms Image
image/gif 185.86.139.59
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx4.smartadserver.com/h/aip?uii=449904201728269897&tmstp=5941256040&ckid=7125243271343695487&pubid=24&systgt=%24qc%3d1314363065%3b%24ql%3dHigh%3b%24qpc%3d94117%3b%24qt%3d152_2199_42546t%3b%24dma%3d807%3b%24b%3d16950%3b%24o%3d11100%3b%24wpc%3d8%3b%24wpc%3d163%3b%24wpc%3d817%3b%24wpc%3d5139%3b%24wpc%3d5146%3b%24wpc%3d5147%3b%24wpc%3d5148%3b%24wpc%3d5149%3b%24wpc%3d5165%3b%24wpc%3d1263%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345&acd=1635573496120&envtype=0&opid=ac5334f0-507d-4cb0-9257-8e7dc7539d27&opdt=1635573496119&siteid=402008&tgt=%24dt%3d1t%3b%24dma%3d807&gdpr=0&visit=S&statid=3&imptype=0&pgDomain=https%3a%2f%2fthetruedefender.com%2fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2f&cappid=7125243271343695487&capp=1&mcrdbt=1&insid=10104881&imgid=0&pgid=1366485&fmtid=89189&isLazy=0&rtb=1&rtbnid=2079&rtbbid=449904201728267803&rtbh=699975f9a23ba93ff13b3aa2ef5f723642af5461&rtblt=637711702961266344&rtbet=0&rtbptnid=25&cftgid=4a7f8d2b332c
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:16 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
DATA 200
OK truncated Show response
/ Frame A810 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 886bda9a5b3270ad1d08c1dd94e5079960b43a949852da1c42dd5784c72fdb30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ Frame 9AB0 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38ec9a9e5036684e4948fb0782aa60dc266c6ea94725572904f5876673a9edfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ Frame 9AB0 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a306e3a925cce0a439c82f6619e1cfae9faa6a4fa637aacfde28d26ccff1a44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ Frame 9AB0 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00a281b25a2ebc822667760502c9ee701481adcee01a30d776578e4550e7863

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK event.js Show response
referrer.disqus.com/juggler/ Frame C747 40 B
278 B 112ms
94ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://referrer.disqus.com/juggler/event.js?experiment=default&variant=control&page_referrer=https%3A%2F%2Fthetruedefender.com%2F&product=embed&thread=8849713856&thread_id=8849713856&forum=thetruedefender-com&forum_id=7253923&zone=thread&verb=load&object_type=section&object_id=email_subscriptions&section=email_subscriptions&extra_data=%7B%22user_verified%22%3Afalse%2C%22email_subscription_prompt%22%3A%7B%22title%22%3A%22Like+this+article%3F%22%2C%22description_copy%22%3A%22Subscribe+to+thetruedefender.com+to+receive+daily+updates+of+the+latest+articles+delivered+straight+to+your+inbox.%22%2C%22confirmation_copy%22%3A%22Thanks+for+subscribing+to+email+updates+from+thetruedefender.com!+If+you%27d+like+to+unsubscribe%2C+there+will+be+a+link+in+emails+you+receive+from+thetruedefender.com.%22%7D%7D&event=activity&imp=54lgqdb2v42lo5&area=n%2Fa

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Content-Type: application/javascript

GET
H2 200 noavatar92.png
a.disquscdn.com/1635434082/images/ Frame C747 2 KB
2 KB 31ms
6ms Image
image/png 199.232.194.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1635434082/images/noavatar92.png

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.194.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 122887
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P4
content-length: 1644
x-amz-cf-id: JAimdhUnYjnVVcT6V9h727eM_4Yy66fsDFaFXAg7oGjBck5C68qElg==
expires: Sat, 27 Nov 2021 19:50:10 GMT

GET
DATA 200
OK truncated
/ Frame C747 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame C747 13 KB
13 KB 7ms
7ms Image
image/svg+xml 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 15952836
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: wxE409bNL-iMl8m9oRB5JZmco9nmym2fz5IR69EwMHZHTp83qFv9FA==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame C747 3 KB
3 KB 7ms
7ms Image
image/gif 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 15:42:24 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2297753
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 28 Sep 2021 21:56:15 GMT
server: nginx
etag: "61538f7f-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Mon, 03 Oct 2022 15:42:24 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: 46zQtNEpYBIblATDRdCD1nm8c6DuepmM0Axo4c3WSVh9zoHGohK0FQ==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame C747 2 KB
2 KB 7ms
7ms Image
image/png 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3233429
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: V0TrYYfHUHcd6zW6jJG4XX-_T8bI7pssGjRtVUPzPXghXvg48uQaKQ==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame C747 8 KB
8 KB 11ms
11ms Font
application/octet-stream 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 5083199
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: bb7gzIp1Om5m-f34AtZL37gGY0mxU4L7uDzHwgwSQFLSlQiHOXxF3w==
x-cache-hits: 0

GET
DATA 200
OK truncated Show response
/ Frame 9AB0 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc66cd300371eb11d55e0988808998a820cf6d5380e9be856548ac4aeb13edbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 7ms
7ms Script
application/javascript 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15345167
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: 7WYmkzMQOtqfbMuGOiTYOzDnWcFPdLx41ueKRVFUGy6cepy111u8pw==
x-cache-hits: 0

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame 0938
Redirect Chain

https://ad.ad-srv.net/request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D23449...
https://ad.ad-srv.net/request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D23449...

5 KB
2 KB

111ms
89ms

Document
text/html

178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_cid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_2756101783079717862&random=2756101783079717862&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: a265958d7c2f6f27db8503c96fde987c04b913e1fac5e48c846f5cafc51c78ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 30 Oct 2021 06:58:17 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-NEORY-SubId: 61411000026638401319921011763020
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1827
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 30 Oct 2021 06:58:17 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_cid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_2756101783079717862&random=2756101783079717862&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame A65B 7 KB
4 KB 128ms
28ms Script
text/javascript 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pv=70da4e0f-288f-483d-936e-0124fd410a0f&pp=2079&sr=39&de=43003&si=402008&dm=728x90&ac=746345&cr=7515751&ai=234495&c1=5637254&r1=216.131.111.0&r2=420849&r3=855572544541

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&s_exch=sas&id=5aW95q2jLzIzLyAvWm1VNVpqYzFPR0l0TlRKbU1pMWlZbVpoTFRBd01EQXRNREF3TURBd01EQXdNREF3LzI3NTYxMDE3ODMwNzk3MTc4NjIvNzUxNTc1MS81NjM3MjU0LzM5L1FkTjZKNzZubEx6NWE0YVdac2lYZ0RFX0VUa0pqMWxYNGVBUkFUd1FiVlEvMS8xMDAwLzAvMC8xMTgzNDc3LzM2MzI0OTIzMDkvMjM0NDk1Lzc0NjM0NS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8xMDQvNDIwODQ5LzAvMC8yNzU2MTAxNzgzMDc5NzE3ODYyL3pyaC8wLzIwMDYvMzMvOTk5LzMyMi8yMTYuMTMxLjExMS4wLzAuMDAwLzE2MzU1NzM0OTYvMTYzNTU4NjA5Ni8xMDAwLzIwNzkv/8d3NMb0GyLnCxtCu5tLGefRngw8&nodeid=2636&group=zrh&auctionid=2756101783079717862&shardkey=2756101783079717862&sid=5637254&cid=7515751&price=0.036549&bp=a_adgfej&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.67

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-176-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d27365fce59aecbb375fb711ba384f82ad843b8d9065b91ad6988cf3f630925c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 3402
Expires: 0

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame A65B 49 B
330 B 57ms
30ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=2756101783079717862&node_id=2636&exch_id=39
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.207.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Server: MMBD/3.207.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x38, zrh-bidder-x150
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 30 Oct 2021 05:58:16 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame A65B 43 B
373 B 57ms
24ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=39&v2=2756101783079717862&v3=746345&v4=5637254&v5=7515751&mt_nsync=1&no_attr=1
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4067 88cc6bf master cdg-pixel-x14 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x14 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:16 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame A65B 49 B
330 B 54ms
29ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=sas&bid=2756101783079717862&st=5637254&time=1635573497&nodeid=2636
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.207.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Server: MMBD/3.207.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x81, zrh-bidder-x150
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 30 Oct 2021 05:58:16 GMT

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 80ms
38ms Script
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:17 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Oct 2021 05:58:17 GMT

GET
DATA 200
OK truncated Show response
/ Frame 9AB0 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac082aaf42f3c1f2995a3505fc4267bfb2b9ea74fb82b93300f0b2c38e6ae359

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 9F6F 337 B
808 B 7ms
7ms Stylesheet
text/css 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15389083
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: TDtjgujODEGtJWlmMPd3C3ejmGIo1VD_7ST-mH3Dp1zaTkor3f0S5w==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 1D06 337 B
808 B 7ms
6ms Stylesheet
text/css 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: thetruedefender-com.disqus.com
URL: https://thetruedefender-com.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 05 May 2021 03:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15389083
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 03:13:34 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: 45nOHY8Wy-fvfcuL33uSndCn-3VD7EpfqXzC8GvFOz134YsCcRO8CA==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame C747 43 B
295 B 99ms
97ms Image
image/gif 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=384&event=init_embed&thread=8849713856&forum=thetruedefender-com&forum_id=7253923&imp=54lgqdb2v42lo5&thread_slug=durham_targets_obama_and_hillary_children_crimes_23_billion_tax_fraud_650000_clinton_emails&user_type=anon&referrer=https%3A%2F%2Fthetruedefender.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=thetruedefender-com&t_i=34079%20https%3A%2F%2Fthetruedefender.com%2F%3Fp%3D34079&t_u=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&t_e=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_d=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&t_t=Durham%20Targets%20Obama%20And%20Hillary%20%7C%20Children%20Crimes%20%7C%20%242.3%20Billion%20Tax%20Fraud%7C%20650%2C000%20Clinton%20Emails!&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame C747 13 KB
13 KB 7ms
7ms Image
image/svg+xml 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-83.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.0646e37a1d5797cdbecb18f0498b116a.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 15952836
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: cs6U8r3Af1xDLsj4k_-nPpw-v_DyNAfScCAfWy5fYDEnlITl2Weo8w==
x-cache-hits: 0

GET
H/1.1 206
Partial Content 1a043e541f.mp4
cdn4.telesco.pe/file/ Frame BD2C 127 KB
0 23ms
23ms Media
video/mp4 149.154.165.133
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.154.165.133 , United Kingdom, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--r1a.website/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=65536-

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Range: bytes 65536-4421905/4421906
Connection: keep-alive
Content-Length: 4356370
X-XSS-Protection: 1; mode=block
Last-Modified: Sat, 30 Oct 2021 05:58:17 GMT
Server: nginx/1.18.0
X-Frame-Options: DENY
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Length
Cache-Control: max-age=2592000, public
Content-Security-Policy: default-src 'none'; sandbox
Accept-Ranges: 0-4421906
Expires: Mon, 29 Nov 2021 05:58:17 GMT

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
431 B 61ms
21ms Image
image/gif 104.16.160.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=7.483926870741874
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.160.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:17 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 5
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6a626936093b716f-DUS
x-amz-request-id: KJCDFYCWRTS12H47
x-amz-id-2: CUMaAqgNBAyODXabV3H5GzqWdt/z5o41TImyxgwYmC+XJRQq8GqsppZ6s6MnSOVNUqEzSZmHXH8=

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
102 B 61ms
21ms Image
image/gif 104.16.160.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=7.483926870741874
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.160.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:17 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 5
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6a626936093c716f-DUS
x-amz-request-id: KJCDFYCWRTS12H47
x-amz-id-2: CUMaAqgNBAyODXabV3H5GzqWdt/z5o41TImyxgwYmC+XJRQq8GqsppZ6s6MnSOVNUqEzSZmHXH8=

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 38ms
14ms XHR
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:17 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:25:58 GMT
server: nginx
etag: W/"6178c6c6-14b2b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Oct 2021 05:58:17 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/ Frame A65B 0
145 B 117ms
29ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/postback?oz_pl=1&dt=6196211556140246740000&de=43003&ac=746345&c1=5637254&dm=728x90&cr=7515751&ai=234495&r2=420849&r3=855572544541&di=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&pv=70da4e0f-288f-483d-936e-0124fd410a0f&sr=39&si=402008&r1=216.131.111.0&ci=619621&pd=avt&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pp=2079&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pv=70da4e0f-288f-483d-936e-0124fd410a0f&pp=2079&sr=39&de=43003&si=402008&dm=728x90&ac=746345&cr=7515751&ai=234495&c1=5637254&r1=216.131.111.0&r2=420849&r3=855572544541
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 30 Oct 2021 05:58:16 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.35.0/ Frame A65B 156 KB
48 KB 28ms
28ms Script
text/javascript 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.35.0/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pv=70da4e0f-288f-483d-936e-0124fd410a0f&pp=2079&sr=39&de=43003&si=402008&dm=728x90&ac=746345&cr=7515751&ai=234495&c1=5637254&r1=216.131.111.0&r2=420849&r3=855572544541

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-176-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

dd559d0d7a4803690c1863670e55e3932e8155b2d89e251398ae327b8859613f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:16 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 48716
Expires: Tue, 08 Jul 2053 05:30:40 GMT

GET
H/1.1 200
OK viewability Show response
ad20.ad-srv.net/ Frame 0938 0
150 B 47ms
12ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/viewability?s=61411000026638401319921011763020&a=ffac37cb&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_cid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_2756101783079717862&random=2756101783079717862&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame 3FCC
Redirect Chain

https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=9bda091792derQTbIfj57zqhZIENdE85NeW24OhUOoIQJooIfRoLf3ktDy6YTRPOAQh7...
https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=9bda091792derQTbIfj57zqhZIENdE85NeW24OhUOoIQJooIfRoLf3ktDy6YTRPOAQh7...

5 KB
2 KB

51ms
30ms

Document
text/html

178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=9bda091792derQTbIfj57zqhZIENdE85NeW24OhUOoIQJooIfRoLf3ktDy6YTRPOAQh7EkcctjOtPTpqTV9SbNXYRc7U16sfY8AIibEW_MT8B_62W6vxBIycaXYUoZXm1TifNWhIO6HyxbTCw3fA4diogBm1dh4uL-TZNCqaKb3A_EZHGy0HbgIJ2z8rCGjW27uve045y-CEZRwNXR8wATNr&subid=61411000026638401319921011763020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpzfnpzvdzzelva7%3Ftprde%3D&uidRedirect=1
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_cid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_2756101783079717862&random=2756101783079717862&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: aacf646c2e726d6a8e2b960779d8348de4cdd3e7b39415110c61ab7542add6f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_cid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_2756101783079717862&random=2756101783079717862&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 30 Oct 2021 06:58:17 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-NEORY-SubId: 85361200026638601649445011763020
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1569
Connection: close
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 30 Oct 2021 06:58:17 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=9bda091792derQTbIfj57zqhZIENdE85NeW24OhUOoIQJooIfRoLf3ktDy6YTRPOAQh7EkcctjOtPTpqTV9SbNXYRc7U16sfY8AIibEW_MT8B_62W6vxBIycaXYUoZXm1TifNWhIO6HyxbTCw3fA4diogBm1dh4uL-TZNCqaKb3A_EZHGy0HbgIJ2z8rCGjW27uve045y-CEZRwNXR8wATNr&subid=61411000026638401319921011763020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpzfnpzvdzzelva7%3Ftprde%3D&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 0938 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame 0938 851 B
1 KB 50ms
10ms Script
application/javascript 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_cid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_2756101783079717862&random=2756101783079717862&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/ Frame A65B 0
145 B 29ms
29ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/postback?oz_pl=1&dt=6196211556140246740000&de=43003&ac=746345&c1=5637254&dm=728x90&cr=7515751&ai=234495&r2=420849&r3=855572544541&di=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&pv=70da4e0f-288f-483d-936e-0124fd410a0f&sr=39&si=402008&r1=216.131.111.0&ci=619621&pd=avt&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pp=2079&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pv=70da4e0f-288f-483d-936e-0124fd410a0f&pp=2079&sr=39&de=43003&si=402008&dm=728x90&ac=746345&cr=7515751&ai=234495&c1=5637254&r1=216.131.111.0&r2=420849&r3=855572544541
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 30 Oct 2021 05:58:16 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/ Frame A65B 0
145 B 44ms
29ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/postback?dt=6196211556140246740000&de=43003&ac=746345&c1=5637254&dm=728x90&cr=7515751&ai=234495&r2=420849&r3=855572544541&di=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&pv=70da4e0f-288f-483d-936e-0124fd410a0f&sr=39&si=402008&r1=216.131.111.0&ci=619621&pd=avt&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pp=2079&sid=AN6Z7V4JEeTOXm1_&oz_sc=dcc60bce78e21e047ae58c6c&oz_df=1635573497457&oz_l=226&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.35.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 30 Oct 2021 05:58:16 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2

200

evergreen-kis-728x90.jpg
media.kaspersky.com/de/affiliates/ Frame 3FCC
Redirect Chain

https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=0&pref1=85361200026638601649445011763020
https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg

62 KB
62 KB

232ms
125ms

Image
image/jpeg

93.159.228.11
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=9bda091792derQTbIfj57zqhZIENdE85NeW24OhUOoIQJooIfRoLf3ktDy6YTRPOAQh7EkcctjOtPTpqTV9SbNXYRc7U16sfY8AIibEW_MT8B_62W6vxBIycaXYUoZXm1TifNWhIO6HyxbTCw3fA4diogBm1dh4uL-TZNCqaKb3A_EZHGy0HbgIJ2z8rCGjW27uve045y-CEZRwNXR8wATNr&subid=61411000026638401319921011763020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpzfnpzvdzzelva7%3Ftprde%3D&uidRedirect=1

Protocol

Server

93.159.228.11 , Russian Federation, ASN200107 (KL-EXT, RU),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

1eeaa9afd461c6df55ffad40e5b003b9f2303727cc0276e677cf61bf9023284a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:22 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "8ece3b5a61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: msk2/FRA2
accept-ranges: bytes
content-length: 63391
date: Sat, 30 Oct 2021 05:58:17 GMT

Redirect headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad20.ad-srv.net/ Frame 3FCC 0
150 B 34ms
12ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/viewability?s=85361200026638601649445011763020&a=2ba300ea&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=9bda091792derQTbIfj57zqhZIENdE85NeW24OhUOoIQJooIfRoLf3ktDy6YTRPOAQh7EkcctjOtPTpqTV9SbNXYRc7U16sfY8AIibEW_MT8B_62W6vxBIycaXYUoZXm1TifNWhIO6HyxbTCw3fA4diogBm1dh4uL-TZNCqaKb3A_EZHGy0HbgIJ2z8rCGjW27uve045y-CEZRwNXR8wATNr&subid=61411000026638401319921011763020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpzfnpzvdzzelva7%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 38CD 43 B
704 B 54ms
34ms Document
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=1&pref1=85361200026638601649445011763020

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/

Response headers

Content-Type: image/gif
Content-Length: 43
Expires: 0
Pragma: no-cache
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Date: Sat, 30 Oct 2021 05:58:17 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
DATA 200
OK truncated
/ Frame 3FCC 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 3FCC 851 B
1 KB 43ms
10ms Script
application/javascript 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=9bda091792derQTbIfj57zqhZIENdE85NeW24OhUOoIQJooIfRoLf3ktDy6YTRPOAQh7EkcctjOtPTpqTV9SbNXYRc7U16sfY8AIibEW_MT8B_62W6vxBIycaXYUoZXm1TifNWhIO6HyxbTCw3fA4diogBm1dh4uL-TZNCqaKb3A_EZHGy0HbgIJ2z8rCGjW27uve045y-CEZRwNXR8wATNr&subid=61411000026638401319921011763020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpzfnpzvdzzelva7%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:17 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
BLOB 200
OK 3dfe0b25-666f-410e-b35c-22c3639a58a2
https://thetruedefender.com/ Frame A5D9 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://thetruedefender.com/3dfe0b25-666f-410e-b35c-22c3639a58a2
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/ Frame A65B 0
145 B 29ms
29ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/postback?dt=6196211556140246740000&de=43003&ac=746345&c1=5637254&dm=728x90&cr=7515751&ai=234495&r2=420849&r3=855572544541&di=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&pv=70da4e0f-288f-483d-936e-0124fd410a0f&sr=39&si=402008&r1=216.131.111.0&ci=619621&pd=avt&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pp=2079&sid=AN6Z7V4JEeTOXm1_&oz_sc=dcc60bce78e21e047ae58c6c&oz_df=1635573497655&oz_l=5872&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.35.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 30 Oct 2021 05:58:16 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
DATA 200
OK truncated Show response
/ Frame 784F 13 B
13 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

POST ping
links.services.disqus.com/api/ 0
0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/ Frame A65B 0
145 B 29ms
29ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/postback?dt=6196211556140246740000&de=43003&ac=746345&c1=5637254&dm=728x90&cr=7515751&ai=234495&r2=420849&r3=855572544541&di=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&pv=70da4e0f-288f-483d-936e-0124fd410a0f&sr=39&si=402008&r1=216.131.111.0&ci=619621&pd=avt&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pp=2079&sid=AN6Z7V4JEeTOXm1_&oz_sc=dcc60bce78e21e047ae58c6c&oz_df=1635573497821&oz_l=2296&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.35.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 30 Oct 2021 05:58:16 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame EDB9 43 B
163 B 98ms
19ms Image
image/gif 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1635573496400&pid=1366485&iid=10104881&cid=0&key=viewcount&rtb=1&rtbbid=449904201728267803&rtbet=0&rtblt=637711702961266344&rtbnid=2079&rtbh=699975f9a23ba93ff13b3aa2ef5f723642af5461&ts=1635573496400
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:17 GMT
transfer-encoding: chunked
content-type: image/gif

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/ Frame A65B 0
145 B 29ms
29ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/postback?dt=6196211556140246740000&de=43003&ac=746345&c1=5637254&dm=728x90&cr=7515751&ai=234495&r2=420849&r3=855572544541&di=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&pv=70da4e0f-288f-483d-936e-0124fd410a0f&sr=39&si=402008&r1=216.131.111.0&ci=619621&pd=avt&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pp=2079&sid=AN6Z7V4JEeTOXm1_&oz_sc=dcc60bce78e21e047ae58c6c&oz_df=1635573497993&oz_l=1169&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.35.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 30 Oct 2021 05:58:17 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 92487a13-bfd5-493d-8e81-aecafe416fd4
https://thetruedefender.com/ Frame A65B 795 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://thetruedefender.com/92487a13-bfd5-493d-8e81-aecafe416fd4
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0c26b08c424ce316da9e958aed0aeb6a2a67530fb92bbe08dda005227d4751a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 795

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/ Frame A65B 0
145 B 29ms
29ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/postback?dt=6196211556140246740000&de=43003&ac=746345&c1=5637254&dm=728x90&cr=7515751&ai=234495&r2=420849&r3=855572544541&di=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&pv=70da4e0f-288f-483d-936e-0124fd410a0f&sr=39&si=402008&r1=216.131.111.0&ci=619621&pd=avt&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pp=2079&sid=AN6Z7V4JEeTOXm1_&oz_sc=dcc60bce78e21e047ae58c6c&oz_df=1635573498157&oz_l=4112&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.35.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 30 Oct 2021 05:58:17 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/ Frame A65B 0
145 B 30ms
29ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/postback?dt=6196211556140246740000&de=43003&ac=746345&c1=5637254&dm=728x90&cr=7515751&ai=234495&r2=420849&r3=855572544541&di=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&pv=70da4e0f-288f-483d-936e-0124fd410a0f&sr=39&si=402008&r1=216.131.111.0&ci=619621&pd=avt&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pp=2079&sid=AN6Z7V4JEeTOXm1_&oz_sc=dcc60bce78e21e047ae58c6c&oz_df=1635573498320&oz_l=1217&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.35.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 30 Oct 2021 05:58:17 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 206
Partial Content vfV71S3H1YRi.mp4
seed125.bitchute.com/oACWZBJypqWf/ Frame 5F6A 3 MB
3 MB 415ms
414ms Media
video/mp4 192.187.114.18
NOCIX

General

Check archive.org

Show headers Download Go to

Full URL: https://seed125.bitchute.com/oACWZBJypqWf/vfV71S3H1YRi.mp4
Requested by: Host: www.bitchute.com
URL: https://www.bitchute.com/embed/vfV71S3H1YRi/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.187.114.18 Kansas City, United States, ASN33387 (NOCIX, US),
Reverse DNS
Software: /
Resource Hash: 7f1d08127ad5c05e11ce6e3b7be9e7f3d4f47e2a9ec0b49bf934a749b26deaf7

Request headers

Referer: https://www.bitchute.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=74481664-

Response headers

Date: Sat, 30 Oct 2021 05:58:18 GMT
Access-Control-Allow-Origin: https://www.bitchute.com
X-Cache-StatusB: HIT
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD, GET,POST,OPTIONS,HEAD
Content-Type: video/mp4
Content-Range: bytes 74481664-77315736/77315737
Access-Control-Allow_Credentials: true, true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range, Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2834073

GET
H/1.1 200
OK viewability Show response
ad20.ad-srv.net/ Frame 0938 0
150 B 42ms
17ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/viewability?s=61411000026638401319921011763020&a=ffac37cb&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=8wexqd9dxefc&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D2756101783079717862%26mt_id%3D7515751%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D39%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_cid%3Dd0fa617c-def9-4401-bbac-ac4b0129ed38%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_2756101783079717862&random=2756101783079717862&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:sas&extVar[]=MM_DOM_RTB:thetruedefender.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&documentReferer=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&ancestorOrigins=https%3A%2F%2Fthetruedefender.com%2Chttps%3A%2F%2Fthetruedefender.com&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:18 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
ad20.ad-srv.net/ Frame 3FCC 0
150 B 51ms
16ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/viewability?s=85361200026638601649445011763020&a=2ba300ea&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=9bda091792derQTbIfj57zqhZIENdE85NeW24OhUOoIQJooIfRoLf3ktDy6YTRPOAQh7EkcctjOtPTpqTV9SbNXYRc7U16sfY8AIibEW_MT8B_62W6vxBIycaXYUoZXm1TifNWhIO6HyxbTCw3fA4diogBm1dh4uL-TZNCqaKb3A_EZHGy0HbgIJ2z8rCGjW27uve045y-CEZRwNXR8wATNr&subid=61411000026638401319921011763020&redirectClick=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpzfnpzvdzzelva7%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:18 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 json Show response
gum.criteo.com/sid/ 361 B
639 B 56ms
17ms XHR
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8b8ad675bcebb53972a7ee3cb5aa938142e42dab0615f98ca07d60b9f70fbc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 30 Oct 2021 05:58:18 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thetruedefender.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2449
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 51ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthetruedefender.com%2F&domain=thetruedefender.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://thetruedefender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://thetruedefender.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1542
date: Sat, 30 Oct 2021 05:58:18 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame 77E2 3 KB
929 B 149ms
140ms Document
text/html 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66e9f376aa2ad8f4778019c707aae34f2a777f1fce4ad5f12e1318848be09992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6269434a8c21b1-DUS
content-encoding: gzip

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 2EAF 2 KB
823 B 9ms
8ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1635573496177

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame E79C 442 B
439 B 32ms
31ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 10:14:07 GMT
vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 166B 1 KB
703 B 35ms
26ms Document
text/html 104.22.54.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6269435dbf2157-DUS
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5789 2 KB
823 B 8ms
8ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1635573496216

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0F05 52 KB
17 KB 38ms
7ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 31 Oct 2021 05:58:21 GMT
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 5B27 442 B
348 B 32ms
32ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 10:14:07 GMT
vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame F9D0 1 KB
749 B 29ms
25ms Document
text/html 104.22.54.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6269435dbe2157-DUS
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 767A 657 B
836 B 64ms
61ms Document
text/html 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 35aa859d36b5578d9b4dbe944f3580130c697667375af2155413e9198f8e006c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 657

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0CE1 52 KB
17 KB 34ms
8ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 31 Oct 2021 05:58:21 GMT
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9702 2 KB
823 B 10ms
8ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1635573496177

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame 0E7A 3 KB
802 B 138ms
136ms Document
text/html 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a96f53be44ff674c0a4e7a67a951c65c951f2d021dc3b1e3335a9237e69b435

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6269435a9221b1-DUS
content-encoding: gzip

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame 57CA 3 KB
806 B 262ms
262ms Document
text/html 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d8eef5d9f7aea9967704b5c13d80b77d10109ef1fd83ce11c1051139acbd84

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6269435a9321b1-DUS
content-encoding: gzip

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 41A4 0
159 B 59ms
59ms Document
text/html 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DDBD 52 KB
17 KB 28ms
7ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 31 Oct 2021 05:58:21 GMT
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 52AD 442 B
348 B 32ms
32ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 10:14:07 GMT
vary: Accept-Encoding

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame DFE6 3 KB
801 B 138ms
138ms Document
text/html 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e2424819af4991f5e72ef934fd78ac18fc5d0a2492a99d1b94b6f33d6270553

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6269435a9f21b1-DUS
content-encoding: gzip

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame A100 1 KB
703 B 26ms
26ms Document
text/html 104.22.54.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6269435dc72157-DUS
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 4C2D 0
159 B 59ms
59ms Document
text/html 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame F161 3 KB
805 B 137ms
134ms Document
text/html 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8be7b6ac10ce15edad2a069ddfbb381be13ea8b4e8a8bad9654149bf942d94

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6269436aa421b1-DUS
content-encoding: gzip

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame AC87 1 KB
703 B 29ms
26ms Document
text/html 104.22.54.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6269436dcf2157-DUS
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F701 52 KB
17 KB 23ms
8ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 31 Oct 2021 05:58:21 GMT
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 35AD 52 KB
17 KB 23ms
8ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 31 Oct 2021 05:58:21 GMT
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame BFE6 1 KB
712 B 24ms
24ms Document
text/html 104.22.54.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6269436dd02157-DUS
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 4BE7 442 B
348 B 32ms
31ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 10:14:07 GMT
vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame D449 0
159 B 60ms
60ms Document
text/html 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame B42B 0
159 B 64ms
64ms Document
text/html 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame D8CB 442 B
348 B 32ms
31ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

server: nginx
date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization, origin, x-requested-with, cookie, content-type, accept-ch
access-control-allow-methods: POST, GET
access-control-allow-origin
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 10:14:07 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7024734688416168083&gdpr=0&gdpr_consent=

43 B
408 B

125ms
16ms

Image
image/gif

185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7024734688416168083&gdpr=0&gdpr_consent=
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:18 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7024734688416168083&gdpr=0&gdpr_consent=
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7581706081706848258&gdpr=0&gdpr_consent=

43 B
408 B

150ms
16ms

Image
image/gif

185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7581706081706848258&gdpr=0&gdpr_consent=
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:18 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0feeac0f-6dab-4f62-bb55-623b0fe9c450
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=7581706081706848258&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=smartadserver&ssp_user_id=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
https://x.bidswitch.net/sync?dsp_id=74&&user_id=171316728&expires=5&ssp=smartadserver
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3&gdpr=&gdpr_consent=

43 B
448 B

17ms
16ms

Image
image/gif

185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3&gdpr=&gdpr_consent=
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location: //rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3&gdpr=&gdpr_consent=
Date: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 /
onetag-sys.com/usync/ 0
52 B 11ms
8ms Image
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://ad.turn.com/r/cs?pid=33&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D32%26partneruserid%3D%23USER_ID%23%26gdpr%3D%23GDPR_APPLICABLE%23%26gdpr_consent%...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3386979819021929186&gdpr=0&gdpr_consent=

43 B
408 B

76ms
17ms

Image
image/gif

185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3386979819021929186&gdpr=0&gdpr_consent=
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=32&partneruserid=3386979819021929186&gdpr=0&gdpr_consent=
pragma: no-cache
date: Sat, 30 Oct 2021 05:58:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=9849d599-7672-4cdb-911d-30d0a8b48f32&gdpr=0&gdpr_consent=

43 B
425 B

125ms
17ms

Image
image/gif

185.86.138.142
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=9849d599-7672-4cdb-911d-30d0a8b48f32&gdpr=0&gdpr_consent=
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Server: 185.86.138.142 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: Kestrel
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=9849d599-7672-4cdb-911d-30d0a8b48f32&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1886641
content-length: 0
expires: Sat, 30 Oct 2021 00:00:00 GMT

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame E79C 103 KB
27 KB 260ms
50ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 5B27 103 KB
27 KB 255ms
50ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DDBD 0
578 B 6ms
6ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2291a8f0-0026-4d8b-a9cc-5668aa894717
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0F05 0
578 B 14ms
14ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2f49b269-5fbc-4697-a155-273df25e931a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 767A
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=651ccceb-894b-4ac7-a232-95287507d24b&user_group=1&ssp=between&bsw_param=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3

68 B
607 B

59ms
58ms

Image
image/png

188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
Date: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 767A
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6YlKYse1sJL.AikABlF8z8cHJQ

68 B
607 B

58ms
55ms

Image
image/png

188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6YlKYse1sJL.AikABlF8z8cHJQ
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f4-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=u6YlKYse1sJL.AikABlF8z8cHJQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 767A
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=00f11824b2f43c58da75d87e

68 B
607 B

59ms
59ms

Image
image/png

188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=00f11824b2f43c58da75d87e
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=00f11824b2f43c58da75d87e
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

match
ads.betweendigital.com/ Frame 767A
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=05273810-3907-512f-8ea2-2fa6efdef15e
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABj7vfOLBlIFvp7KygpiJDA1MjczODEwLTM5MDctNTEyZi04ZWEyLTJmYTZlZmRlZjE1ZQ**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARj7vfOLBlIFvp7KygpiJDA1MjczODEwLTM5MDctNTEyZi04ZWEyLTJmYTZlZmRlZjE1ZaIBEGIE4oA5RhHspukAJZDIJDc*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABj7vfOLBmIkMDUyNzM4MTAtMzkwNy01MTJmLThlYTItMmZhNmVmZGVmMTVlogEQYgTigDlGEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARj7vfOLBmIkMDUyNzM4MTAtMzkwNy01MTJmLThlYTItMmZhNmVmZGVmMTVlogEQYgTigDlGEeym6QAlkMgkNw**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=6204e280-3946-11ec-a6e9-002590c82437

68 B
607 B

57ms
56ms

Image
image/png

188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=6204e280-3946-11ec-a6e9-002590c82437
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=6204e280-3946-11ec-a6e9-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0CE1 0
578 B 12ms
12ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 345610c7-fd87-4ae2-ba06-56bc428e3172
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 35AD 0
578 B 8ms
7ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 510666da-6f79-4013-bd02-d5e57df07018
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F701 0
578 B 8ms
8ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0e7037c3-f1ff-4f5e-a95d-c411816ec441
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 52AD 103 KB
27 KB 240ms
50ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 4BE7 103 KB
27 KB 238ms
50ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame D8CB 103 KB
27 KB 238ms
50ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 Gdańsk, Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 14:07:23 GMT
server: nginx
etag: W/"962d07016767b8ecfd9e5a6f757b7c4f"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 3B72 4 KB
1 KB 108ms
18ms Document
text/html 151.236.71.146
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=05273810-3907-512f-8ea2-2fa6efdef15e&CACHEBUSTER=71237
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 53B7 0
0 32ms
24ms Document
text/plain 104.22.54.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.connectad.io/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a6269447eea2157-DUS

GET
H2

200

setuid
sync.quantumdex.io/ Frame 77E2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A

43 B
95 B

141ms
138ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269451bf621b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 77E2
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258

43 B
106 B

136ms
133ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269449b9a21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 10cd06c0-cc4f-4419-9feb-1811036a05a3
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 77E2
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=8ae8c595-5c8a-46a9-b906-96a45361c0f0

43 B
95 B

135ms
134ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=8ae8c595-5c8a-46a9-b906-96a45361c0f0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626945dcac21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=8ae8c595-5c8a-46a9-b906-96a45361c0f0
date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269449b9621b1-DUS
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 77E2 0
474 B 93ms
17ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 77E2
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP621e0066-3946-11ec-a15c-06bbc839886a
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a

43 B
95 B

143ms
142ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269462cf621b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 77E2
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258

43 B
95 B

140ms
138ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269449b9d21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 62c80f0d-5db2-4bc5-96b1-a78d8a0ef970
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 77E2
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7

43 B
95 B

142ms
141ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626944ebd821b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7
date: Sat, 30 Oct 2021 05:58:19 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 77E2
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8062024603
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8062024603
https://sync.1rx.io/usersync/tradedesk/c0b79904-fedc-4723-9ff4-f9e478218089
https://sync.targeting.unrulymedia.com/csync/RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-9d6a8df4-d643-4ab5-a7d1-4700038...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003

43 B
95 B

137ms
133ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269467d3621b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003
date: Sat, 30 Oct 2021 05:58:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9d6a8df4d6434ab5a7d14700038f2d1a003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame 77E2
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845

43 B
95 B

135ms
135ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626945dcaf21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame 77E2
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

13ms
12ms

Image
image/gif

51.89.42.86
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

51.89.42.86 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p26.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:08 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Sat, 30 Oct 2021 05:58:08 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 77E2
Redirect Chain

https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=ejUYM_nRIxs

43 B
95 B

143ms
142ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=ejUYM_nRIxs
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269465d1e21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

date: Sat, 30 Oct 2021 05:58:19 GMT
server: nginx
location: https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=ejUYM_nRIxs
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0E7A
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=ea4baf77-3061-41c3-8adb-1ff961365ef5

43 B
95 B

138ms
137ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=ea4baf77-3061-41c3-8adb-1ff961365ef5
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626945dcab21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=ea4baf77-3061-41c3-8adb-1ff961365ef5
date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269449b9521b1-DUS
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 0E7A 0
474 B 88ms
17ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0E7A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258

43 B
95 B

136ms
134ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269449b9e21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6afa1ccf-82e9-4607-8e09-061df6a50fb8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0E7A
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP621e0066-3946-11ec-a15c-06bbc839886a
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a

43 B
95 B

142ms
142ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269463d0421b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0E7A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258

43 B
95 B

148ms
148ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626944ebd621b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 313215c2-68ba-4393-87af-4e4fe8e55942
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0E7A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A

43 B
95 B

143ms
137ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269451bf421b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0E7A
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8718208411
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8718208411
https://sync.1rx.io/usersync/tradedesk/c0b79904-fedc-4723-9ff4-f9e478218089
https://sync.targeting.unrulymedia.com/csync/RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-9d6a8df4-d643-4ab5-a7d1-4700038...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003

43 B
95 B

137ms
134ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269467d3721b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003
date: Sat, 30 Oct 2021 05:58:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9d6a8df4d6434ab5a7d14700038f2d1a003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0E7A
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=47eb33e6-fd92-4bb1-9223-f0023ad4cfdd

43 B
95 B

148ms
148ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=47eb33e6-fd92-4bb1-9223-f0023ad4cfdd
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626944ebd721b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=47eb33e6-fd92-4bb1-9223-f0023ad4cfdd
date: Sat, 30 Oct 2021 05:58:19 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0E7A
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845

43 B
95 B

268ms
262ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626945ecc021b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

setuid
sync.quantumdex.io/ Frame 0E7A
Redirect Chain

https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=elfoaO2L0u8

43 B
95 B

136ms
135ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=elfoaO2L0u8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269465d1d21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

date: Sat, 30 Oct 2021 05:58:19 GMT
server: nginx
location: https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=elfoaO2L0u8
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame 0E7A 43 B
1 KB 12ms
8ms Image
image/gif 51.89.42.86
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.42.86 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p26.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:08 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame DFE6
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845

43 B
118 B

141ms
133ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626945ecbe21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame DFE6
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

12ms
11ms

Image
image/gif

51.89.42.86
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

51.89.42.86 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p26.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:08 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Sat, 30 Oct 2021 05:58:08 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame DFE6
Redirect Chain

https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=eejpOywuwvM

43 B
95 B

136ms
135ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=eejpOywuwvM
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269465d2021b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

date: Sat, 30 Oct 2021 05:58:19 GMT
server: nginx
location: https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=eejpOywuwvM
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DFE6
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258

43 B
95 B

137ms
134ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626944cbaf21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 159e594a-add7-426c-b3e5-d1ea613268db
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame DFE6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A

43 B
95 B

141ms
138ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269451bf521b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DFE6
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dd25c8ad-1cae-4fca-a5bc-80eb6bd175c8

43 B
95 B

258ms
258ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dd25c8ad-1cae-4fca-a5bc-80eb6bd175c8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269457c4721b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dd25c8ad-1cae-4fca-a5bc-80eb6bd175c8
date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269449b9821b1-DUS
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame DFE6 0
478 B 97ms
17ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame DFE6
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP621e0066-3946-11ec-a15c-06bbc839886a
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a

43 B
95 B

142ms
142ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269462cf921b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame DFE6
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258

43 B
95 B

137ms
134ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626944cbad21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5d93b3b4-45ca-4253-a275-cfc7f6c293ba
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame DFE6
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1954166093
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1954166093
https://sync.1rx.io/usersync/tradedesk/45522983-0872-4887-9a8c-ea2d4f2986f4
https://sync.targeting.unrulymedia.com/csync/RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-9d6a8df4-d643-4ab5-a7d1-4700038...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003

43 B
95 B

144ms
141ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269467d3821b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003
date: Sat, 30 Oct 2021 05:58:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9d6a8df4d6434ab5a7d14700038f2d1a003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame DFE6
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7

43 B
193 B

140ms
140ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269451bf721b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7
date: Sat, 30 Oct 2021 05:58:19 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F161
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258

43 B
95 B

137ms
134ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269449b9c21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 42addce2-b617-4c18-bc3b-2d9ab193ca0a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame F161
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845

43 B
95 B

143ms
136ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626945ecbf21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame F161
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1 KB

12ms
11ms

Image
image/gif

51.89.42.86
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

51.89.42.86 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p26.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:08 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Sat, 30 Oct 2021 05:58:08 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame F161
Redirect Chain

https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=edUvPTL6Oi0

43 B
95 B

256ms
255ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=edUvPTL6Oi0
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269465d2121b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

date: Sat, 30 Oct 2021 05:58:19 GMT
server: nginx
location: https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=edUvPTL6Oi0
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F161
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A

43 B
95 B

135ms
135ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269450bee21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame F161 0
474 B 96ms
17ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame F161
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=26d06a2b-bd05-4e9a-805e-b05dafc6cdb9

43 B
95 B

142ms
142ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=26d06a2b-bd05-4e9a-805e-b05dafc6cdb9
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269456c3a21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=26d06a2b-bd05-4e9a-805e-b05dafc6cdb9
date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269449b9921b1-DUS
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2

200

setuid
sync.quantumdex.io/ Frame F161
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP621e0066-3946-11ec-a15c-06bbc839886a
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a

43 B
95 B

140ms
137ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269462cf321b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame F161
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258

43 B
95 B

136ms
134ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626944cbb021b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 17843427-e2cc-4595-9abf-2b0d151ffd39
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame F161
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7668164328
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7668164328
https://sync.1rx.io/usersync/tradedesk/c0b79904-fedc-4723-9ff4-f9e478218089
https://sync.targeting.unrulymedia.com/csync/RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-9d6a8df4-d643-4ab5-a7d1-4700038...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003

43 B
95 B

141ms
137ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269467d3421b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003
date: Sat, 30 Oct 2021 05:58:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9d6a8df4d6434ab5a7d14700038f2d1a003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame F161
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7

43 B
95 B

137ms
136ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269451bf921b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7
date: Sat, 30 Oct 2021 05:58:19 GMT
content-length: 0

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 7B65
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

23ms
23ms

Document
text/html

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ea72b284ee7c38f77c57b3ee1b1420822c26ee4c23558f948d79444932ae5fba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|241|230|5|191|88|196
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1653
Expires: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8D50 14 KB
5 KB 43ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=94410
expires: Sun, 31 Oct 2021 08:11:49 GMT
date: Sat, 30 Oct 2021 05:58:19 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 21C4 43 B
555 B 79ms
22ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame B8F4 2 KB
823 B 12ms
6ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 7CEF 43 B
551 B 78ms
23ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 5A9C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

28ms
27ms

Document
text/html

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fa2019873a47ce5e21de086ac4fd68c0be73a95bf2e66735e9b990543e784a3e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|230|241|206|51|196|41
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1611
Expires: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame BCBA 2 KB
823 B 11ms
7ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6A1B 14 KB
5 KB 36ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=94410
expires: Sun, 31 Oct 2021 08:11:49 GMT
date: Sat, 30 Oct 2021 05:58:19 GMT
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 57BC 14 KB
5 KB 48ms
22ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=94410
expires: Sun, 31 Oct 2021 08:11:49 GMT
date: Sat, 30 Oct 2021 05:58:19 GMT
vary: Accept-Encoding

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame A821
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

24ms
23ms

Document
text/html

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 10db2d6ad43e6e90e5333bb8b73c88cb316b924441290cc7d4e72268c8f21c54

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|45|39|111|190|88|47
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1772
Expires: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 4F05 43 B
555 B 72ms
22ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 525D 2 KB
823 B 9ms
7ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 497D 2 KB
823 B 10ms
8ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 6B19
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

2 KB
3 KB

24ms
24ms

Document
text/html

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2e32599676b736fab8e3833b06fe2c54e0bf2697b97e2be6abf38a3654d9b2ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|241|230|90|188|51|88
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1663
Expires: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9855 14 KB
5 KB 45ms
22ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=94410
expires: Sun, 31 Oct 2021 08:11:49 GMT
date: Sat, 30 Oct 2021 05:58:19 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 190B 43 B
555 B 70ms
18ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 8D50 2 KB
3 KB 57ms
13ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26740738&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: aea6e0f534caf47c1d9355b03fdd85903a0f639e19cff954ef5c37842b67f509

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:18 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 57CA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258

43 B
95 B

265ms
257ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269459c7421b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9f73d723-5b02-4a4a-9638-e51da464669d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7581706081706848258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 57CA
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845

43 B
95 B

138ms
137ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626945fccd21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=2d3f95075ce6aafc9bf18845
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame 57CA 43 B
1 KB 14ms
12ms Image
image/gif 51.89.42.86
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.42.86 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p26.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:08 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 57CA
Redirect Chain

https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=efiCbDnI2Bc

43 B
95 B

146ms
145ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=efiCbDnI2Bc
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269465d1f21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

date: Sat, 30 Oct 2021 05:58:19 GMT
server: nginx
location: https://sync.quantumdex.io/setuid?bidder=lkqd-desktop&uid=efiCbDnI2Bc
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 57CA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A

43 B
95 B

135ms
135ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626945bc9021b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-7KF9w1FE2uFvl1GEgrteLiVcxcFcBPIdghO3XYY-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 57CA
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dd25c8ad-1cae-4fca-a5bc-80eb6bd175c8

43 B
118 B

135ms
135ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dd25c8ad-1cae-4fca-a5bc-80eb6bd175c8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269463d0b21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=dd25c8ad-1cae-4fca-a5bc-80eb6bd175c8
date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269458c5f21b1-DUS
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 57CA 0
474 B 18ms
17ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 57CA
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP621e0066-3946-11ec-a15c-06bbc839886a
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a

43 B
95 B

139ms
137ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269462cf421b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP621e0066-3946-11ec-a15c-06bbc839886a
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 57CA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258

43 B
95 B

262ms
260ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626945bc8821b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9905b2b9-4d90-4406-8d8f-9695c39be7a9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7581706081706848258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 57CA
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2660743608
https://sync.1rx.io/usersync/tradedesk/c0b79904-fedc-4723-9ff4-f9e478218089
https://sync.targeting.unrulymedia.com/csync/RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3DRX-9d6a8df4-d643-4ab5-a7d1-4700038...
https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003

43 B
106 B

270ms
261ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269467d3321b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003
date: Sat, 30 Oct 2021 05:58:19 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9d6a8df4d6434ab5a7d14700038f2d1a003
content-type: text/html

GET
H2

200

setuid
sync.quantumdex.io/ Frame 57CA
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7

43 B
95 B

137ms
136ms

Image
image/gif

104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626945bc8a21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=052c04cc-c9a2-4dee-9b97-c08ab894e4a7
date: Sat, 30 Oct 2021 05:58:19 GMT
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5A9C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXze.wIPxzqelYpfuJquhQAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YXze.wIPxzqelYpfuJquhQAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ2G6hLaWS5LRekIujW9UOQ&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

16ms
15ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ2G6hLaWS5LRekIujW9UOQ&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ2G6hLaWS5LRekIujW9UOQ&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 5A9C 70 B
264 B 35ms
29ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 5A9C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXze-wIPxzqelYpfuJqugwAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YXze-wIPxzqelYpfuJqugwAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECiYxX89rGJFzkJTiRF64ys&google_cver=1

43 B
315 B

16ms
15ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECiYxX89rGJFzkJTiRF64ys&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESECiYxX89rGJFzkJTiRF64ys&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5A9C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJqugwAABHYAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJqugwAABHYAAAAB&dcc=t

43 B
645 B

97ms
96ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJqugwAABHYAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

209.54.177.54 Osaka, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Q2H5V4YJEAVJZFYEQSQ9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VGXP5AFDHX4FCQJC5FB0
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJqugwAABHYAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame 5A9C 0
234 B 14ms
13ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YXze-wIPxzqelYpfuJqugwAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 5A9C 43 B
220 B 8ms
7ms Image
image/gif 18.157.70.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.70.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-70-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 5A9C
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

14ms
11ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

date: Sat, 30 Oct 2021 05:58:19 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 5A9C 43 B
408 B 116ms
25ms Image
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-1
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame 5A9C 43 B
95 B 135ms
134ms Image
image/gif 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YXze-wIPxzqelYpfuJqugwAABHYAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269458c6421b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame A821
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB5DgiojUslYFbIAHBUM1I0&google_cver=1

43 B
315 B

15ms
14ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB5DgiojUslYFbIAHBUM1I0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEB5DgiojUslYFbIAHBUM1I0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A821
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t

43 B
645 B

102ms
101ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

209.54.177.54 Osaka, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CMZXY8430AXHX1RD1PM7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MSD24HYK6F51R4M9ZAJ2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A821
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXze.wIPxzqelYpfuJquhQAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YXze.wIPxzqelYpfuJquhQAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMwampk7HfEdyCNCIHrd0GM&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

15ms
14ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMwampk7HfEdyCNCIHrd0GM&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMwampk7HfEdyCNCIHrd0GM&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame A821 70 B
264 B 43ms
42ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame A821 0
331 B 83ms
15ms Image
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame A821 0
0 57ms
56ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A821
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YXze_wAAuZGL-QBG
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YXze_wAAuZGL-QBG&gdpr=1&_test=YXze_wAAuZGL-QBG

43 B
1 KB

20ms
14ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YXze_wAAuZGL-QBG&gdpr=1&_test=YXze_wAAuZGL-QBG
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635573500.917057,VS0,VE0
x-served-by: cache-hhn4021-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YXze_wAAuZGL-QBG&gdpr=1&_test=YXze_wAAuZGL-QBG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame A821
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BmlUo01I1MGHnJ5&gdpr=1

43 B
1 KB

13ms
12ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BmlUo01I1MGHnJ5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-0b2a0a0a5201c51fd@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=BmlUo01I1MGHnJ5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame A821 43 B
95 B 136ms
134ms Image
image/gif 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YXze-wIPxzqelYpfuJquhQAABJQAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269458c6a21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6B19 70 B
264 B 50ms
47ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 6B19
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXze.wIPxzqelYpfuJquhQAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YXze.wIPxzqelYpfuJquhQAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIi_eaX9ZKvjnaxblM9LwHI&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

27ms
13ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIi_eaX9ZKvjnaxblM9LwHI&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIi_eaX9ZKvjnaxblM9LwHI&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6B19
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t

43 B
645 B

96ms
96ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

209.54.177.54 Osaka, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4VN88A6HJHW2Y4X370VK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VKESKRTSZSJJV2VND7PK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 6B19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENJYE3y_3t3-HQdpLu2eLc8&google_cver=1

43 B
315 B

15ms
14ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENJYE3y_3t3-HQdpLu2eLc8&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENJYE3y_3t3-HQdpLu2eLc8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 6B19
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
272 B

16ms
11ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 30 Oct 2021 05:58:19 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Sat, 30 Oct 2021 05:58:19 GMT
x-content-type-options: nosniff
server: openresty
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 29 Oct 2021 05:58:19 GMT

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 6B19 0
88 B 374ms
90ms Image
text/plain 3.222.216.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.216.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-216-135.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 6B19 43 B
220 B 17ms
7ms Image
image/gif 18.157.70.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.70.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-70-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 6B19
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YXze_wAAs8eNLgAz

85 B
161 B

8ms
5ms

Image
image/png

151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YXze_wAAs8eNLgAz
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 1601
x-served-by: cache-hhn4021-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1635573500.916928,VS0,VE0
content-length: 85
x-cache-hits: 11297

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1635573500.805251,VS0,VE92
x-served-by: cache-hhn4021-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YXze_wAAs8eNLgAz
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 setuid
sync.quantumdex.io/ Frame 6B19 43 B
95 B 138ms
133ms Image
image/gif 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YXze-wIPxzqelYpfuJquhQAABJQAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269459c6e21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7B65 70 B
264 B 50ms
48ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7B65
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YXze.wIPxzqelYpfuJquhQAA
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YXze.wIPxzqelYpfuJquhQAA&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGFxJWjCAmBx-nzTWikPuSg&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

16ms
15ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGFxJWjCAmBx-nzTWikPuSg&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGFxJWjCAmBx-nzTWikPuSg&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 7B65
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t

43 B
645 B

101ms
101ms

Image
image/gif

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1

Protocol

HTTP/1.1

Server

209.54.177.54 Osaka, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: B9X2V5H7WXCN1QH761N6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Z4KD5E2NG3N9CXXT6550
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 7B65
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YXze-wIPxzqelYpfuJquhQAABJQAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKXvkBQJA4KTOHjg4_7bdWo&google_cver=1

43 B
315 B

13ms
12ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKXvkBQJA4KTOHjg4_7bdWo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKXvkBQJA4KTOHjg4_7bdWo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 7B65 0
0 88ms
22ms Image
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum.casalemedia.com/ Frame 7B65
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b2a83282-9c70-edb9-8500d790

43 B
1 KB

15ms
15ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b2a83282-9c70-edb9-8500d790
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:23 GMT

Redirect headers

date: Sat, 30 Oct 2021 05:58:23 GMT
via: 1.1 google
server: nginx/1.20.1
access-control-allow-origin: *
p3p: CP='This is not a P3P policy!'
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=b2a83282-9c70-edb9-8500d790
cache-control: max-age=3600
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 119

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7B65
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YXze_wAAs8aNKgAz
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YXze_wAAs8aNKgAz&gdpr=1&_test=YXze_wAAs8aNKgAz

43 B
1 KB

16ms
15ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YXze_wAAs8aNKgAz&gdpr=1&_test=YXze_wAAs8aNKgAz
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1635573500.905204,VS0,VE0
x-served-by: cache-hhn4021-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YXze_wAAs8aNKgAz&gdpr=1&_test=YXze_wAAs8aNKgAz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7B65
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

15ms
12ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

date: Sat, 30 Oct 2021 05:58:19 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 setuid
sync.quantumdex.io/ Frame 7B65 43 B
95 B 140ms
134ms Image
image/gif 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YXze-wIPxzqelYpfuJquhQAABJQAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a6269459c7521b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E266 2 KB
823 B 8ms
8ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 75C4 14 KB
5 KB 8ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=94410
expires: Sun, 31 Oct 2021 08:11:49 GMT
date: Sat, 30 Oct 2021 05:58:19 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame C353 1 KB
3 KB 18ms
18ms Document
text/html 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ef5be8ac0c4fb788b8edeff38f1aff73d00cfe03add16f1ab7c510241b9a9bd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 46|73|130|4|13|65|8|64
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1479
Expires: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Connection: keep-alive

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame CAD6 43 B
555 B 18ms
18ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2

200

match
ads.betweendigital.com/ Frame 3B72
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3

68 B
607 B

59ms
59ms

Image
image/png

188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
Date: Sat, 30 Oct 2021 05:58:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 6DF9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=ADF93C57-F871-4579-9A73-551DAC73099F
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ADF93C57-F871-4579-9A73-551DAC73099F

35 B
468 B

22ms
16ms

Document
image/gif

37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ADF93C57-F871-4579-9A73-551DAC73099F

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Sat, 30 Oct 2021 05:58:19 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ADF93C57-F871-4579-9A73-551DAC73099F
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A4DB
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2102099676820377009

42 B
210 B

18ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2102099676820377009
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug011:0:523
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2102099676820377009
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F615
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
342 B

81ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug016:0:377
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Sat, 30 Oct 2021 05:58:18 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Sat, 30 Oct 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1061411

GET
H2 200 setuid Show response
sync.quantumdex.io/ Frame EF7F 43 B
95 B 139ms
134ms Document
image/gif 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=ADF93C57-F871-4579-9A73-551DAC73099F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a626945bc8621b1-DUS

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8D50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rfk8V_hxRXmac1UdrHMJnw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rfk8V_hxRXmac1UdrHMJnw%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

9ms
7ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=94410
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sun, 31 Oct 2021 08:11:49 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 8D50
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d0fa617c-def9-4401-bbac-ac4b0129ed38

0
261 B

65ms
11ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d0fa617c-def9-4401-bbac-ac4b0129ed38
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:18 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d0fa617c-def9-4401-bbac-ac4b0129ed38
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 30 Oct 2021 05:58:18 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 8D50
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=ADF93C57-F871-4579-9A73-551DAC73099F
https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=6e19d18acf6952da
https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=6e19d18acf6952da
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkRpVjVrSDR6RjJZeWJxVzN1Znp3NWV6SUY0bGZFRkZueTBNMGd6eUxVOEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEMelwnRiEF1BkeBI8jgO1Qk&google_cver=1
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3386979819021929186&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90
https://ps.eyeota.net/match?bid=7vi0rg0&uid=d0fa617c-def9-4401-bbac-ac4b0129ed38&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%...
https://ps.eyeota.net/match?uid=YXze_wAAuZGL-QBG&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
https://ps.eyeota.net/match?uid=c0b79904-fedc-4723-9ff4-f9e478218089&bid=1e2n4ou

70 B
440 B

14ms
14ms

Image
image/gif

3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=c0b79904-fedc-4723-9ff4-f9e478218089&bid=1e2n4ou
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: HTTP/1.1
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:20 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=c0b79904-fedc-4723-9ff4-f9e478218089&bid=1e2n4ou
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 191

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8D50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QURGOTNDNTctRjg3MS00NTc5LTlBNzMtNTUxREFDNzMwOTlG&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QURGOTNDNTctRjg3MS00NTc5LTlBNzMtNTUxREFDNzMwOTlG&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

19ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:313
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8D50
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMOA9fGx9lp6vvCqgsdSAtg&google_cver=1

42 B
281 B

19ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMOA9fGx9lp6vvCqgsdSAtg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug022:0:483
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMOA9fGx9lp6vvCqgsdSAtg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 8D50 43 B
609 B 35ms
13ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 29 Oct 2021 05:58:19 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8D50
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d0fa617c-def9-4401-bbac-ac4b0129ed38&gdpr=0&gdpr_consent=

42 B
419 B

21ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d0fa617c-def9-4401-bbac-ac4b0129ed38&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:441
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d0fa617c-def9-4401-bbac-ac4b0129ed38&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 30 Oct 2021 05:58:18 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8D50
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c0b79904-fedc-4723-9ff4-f9e478218089

42 B
294 B

20ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c0b79904-fedc-4723-9ff4-f9e478218089
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:290
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c0b79904-fedc-4723-9ff4-f9e478218089
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 8D50
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=862498899543868534

42 B
233 B

19ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=862498899543868534
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:602
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=862498899543868534
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8D50
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7581706081706848258&gdpr=0&gdpr_consent=

42 B
210 B

61ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7581706081706848258&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:508
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 5ddbd10d-344c-4d15-b20e-84bb45c7cf22
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7581706081706848258&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 8D50
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TDXP_h5hnv9XZ5mqHGLV_E43nqlXNpn-STagiXzg

42 B
584 B

63ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TDXP_h5hnv9XZ5mqHGLV_E43nqlXNpn-STagiXzg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:360
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TDXP_h5hnv9XZ5mqHGLV_E43nqlXNpn-STagiXzg
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame C353 0
0 16ms
16ms Image
text/html 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 YXze-wIPxzqelYpfuJquhQAABJQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C353 43 B
872 B 35ms
35ms Image
image/gif 52.50.110.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YXze-wIPxzqelYpfuJquhQAABJQAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.110.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-110-98.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C353
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAMypk7C-b4AAByF9n5Wig&expiration=1636783099&gdpr=1

43 B
1 KB

13ms
13ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAMypk7C-b4AAByF9n5Wig&expiration=1636783099&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAMypk7C-b4AAByF9n5Wig&expiration=1636783099&gdpr=1
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C353
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3386979819021929186

43 B
1007 B

16ms
13ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3386979819021929186
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3386979819021929186
pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C353
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

43 B
1 KB

14ms
14ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Date: Sat, 30 Oct 2021 05:58:19 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin
Keep-Alive: timeout=5

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame C353
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635659899&gdpr=1

43 B
315 B

41ms
12ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635659899&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:20 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1635659899&gdpr=1
pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame C353
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=46eb4eec-d546-4d8e-857e-00cfd3b34257&expiration=1667109500

43 B
1 KB

18ms
18ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=46eb4eec-d546-4d8e-857e-00cfd3b34257&expiration=1667109500
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:20 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=46eb4eec-d546-4d8e-857e-00cfd3b34257&expiration=1667109500
date: Sat, 30 Oct 2021 05:58:20 GMT
server: Kestrel
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C353
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638165499

43 B
1 KB

13ms
13ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638165499
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 30 Oct 2021 05:58:19 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:19 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1638165499
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame C353 43 B
95 B 142ms
133ms Image
image/gif 104.22.57.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YXze-wIPxzqelYpfuJquhQAABJQAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.57.126 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a626945ecbc21b1-DUS
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H/1.1

204
No Content

/
sync.bumlam.com/ Frame 3B72
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=6204e280-3946-11ec-a6e9-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=6204e280-3946-11ec-a6e9-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=7nCY9NJEowbqThOf6ZMioQ&

0
103 B

6ms
6ms

Image
text/plain

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=aid1&uid=7nCY9NJEowbqThOf6ZMioQ&
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: HTTP/1.1
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection: keep-alive
Date: Sat, 30 Oct 2021 05:58:20 GMT
Server: nginx

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:20 GMT
last-modified: Sat, 30 Oct 2021 05:58:19 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://sync.bumlam.com/?src=aid1&uid=7nCY9NJEowbqThOf6ZMioQ&
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 30 Oct 2021 05:58:19 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 00DF
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

7ms
7ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=05273810-3907-512f-8ea2-2fa6efdef15e&CACHEBUSTER=71237
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Oct 2021 05:58:20 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Sat, 30 Oct 2021 05:58:20 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 00DF 31 KB
10 KB 7ms
7ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6a6eff7272461a487603a4b3dec6e9a690a86f10f520312f2d51ab12cf15aaa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 05:58:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 15:56:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=37964
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9396
Expires: Sat, 30 Oct 2021 16:31:04 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 00DF 284 B
536 B 170ms
170ms Image
image/jpg 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6683ee3a8662a9679fcacb9fe223a3f8
Content-Type: image/jpg

GET
H2

200

71237
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 3B72
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/71237
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/71237

43 B
297 B

48ms
48ms

Image
image/gif

194.226.130.228
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/71237
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Server: 194.226.130.228 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.14/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:20 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.14/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:20 GMT
server: ms-counter-3.2.14/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/71237
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DDBD 0
578 B 6ms
6ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f300d52e-106b-4b82-8204-add8f764f3e1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0F05 0
578 B 7ms
7ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 6a02f503-fed6-4ea8-9369-e9d9cb5552a3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0CE1 0
578 B 6ms
6ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: be1c416b-d4e6-4d99-b028-7328e325d7d6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 35AD 0
578 B 7ms
6ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: aaeeb26f-913a-4deb-83c4-01359357c06f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F701 0
578 B 9ms
9ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 05:58:20 GMT
X-Proxy-Origin: 216.131.111.21; 216.131.111.21; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ea830a5d-183f-4d93-a282-a48c0908c3f7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
visitor-usa02.omnitagjs.com/visitor/ Frame 3B72
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=05273810-3907-512f-8ea2-2fa6efdef15e&expires=60
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3&name=BIDSWITCH
https://visitor-usa02.omnitagjs.com/visitor/sync?name=BIDSWITCH&uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3

49 B
342 B

303ms
100ms

Image
image/gif

195.244.31.11
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor-usa02.omnitagjs.com/visitor/sync?name=BIDSWITCH&uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Server

195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:20 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:20 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
location: https://visitor-usa02.omnitagjs.com/visitor/sync?name=BIDSWITCH&uid=2a62ca3297af454b8f19eb7922ed945f&visitor=9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 0
expires: 0

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 845E 2 KB
823 B 8ms
8ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=05273810-3907-512f-8ea2-2fa6efdef15e&CACHEBUSTER=71237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

05273810-3907-512f-8ea2-2fa6efdef15e
an.yandex.ru/mapuid/betweendigitalis/ Frame 3B72
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F05273810-3907-512f-8ea2-2fa6efdef15e
https://an.yandex.ru/mapuid/betweendigitalis/05273810-3907-512f-8ea2-2fa6efdef15e
https://an.yandex.ru/mapuid/betweendigitalis/05273810-3907-512f-8ea2-2fa6efdef15e?redir-setuniq=1

43 B
108 B

53ms
53ms

Image
image/gif

77.88.21.90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/05273810-3907-512f-8ea2-2fa6efdef15e?redir-setuniq=1

Requested by

Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/

Protocol

Server

77.88.21.90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:21 GMT
content-encoding: gzip
last-modified: Sat, 30 Oct 2021 05:58:21 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 30 Oct 2021 05:58:21 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:21 GMT
content-encoding: gzip
last-modified: Sat, 30 Oct 2021 05:58:21 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/betweendigitalis/05273810-3907-512f-8ea2-2fa6efdef15e?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 30 Oct 2021 05:58:21 GMT

GET
H2 200 sync
t.adx.opera.com/ Frame 3B72 0
410 B 187ms
15ms Image
text/plain 82.145.213.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=05273810-3907-512f-8ea2-2fa6efdef15e
Requested by: Host: thetruedefender.com
URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 05:58:21 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 8D50 0
128 B 19ms
12ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 05:58:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/ Frame A65B 0
145 B 29ms
29ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/postback?dt=6196211556140246740000&de=43003&ac=746345&c1=5637254&dm=728x90&cr=7515751&ai=234495&r2=420849&r3=855572544541&di=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&pv=70da4e0f-288f-483d-936e-0124fd410a0f&sr=39&si=402008&r1=216.131.111.0&ci=619621&pd=avt&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pp=2079&sid=AN6Z7V4JEeTOXm1_&oz_sc=dcc60bce78e21e047ae58c6c&oz_df=1635573502728&oz_l=280&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.35.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 30 Oct 2021 05:58:21 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0F17 11 KB
5 KB 18ms
17ms Document
text/html 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thetruedefender.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2964
date: Sat, 30 Oct 2021 05:58:22 GMT
content-length: 4685

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 0F17 443 B
533 B 17ms
17ms Fetch
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=thetruedefender.com&sn=ChromeSyncframe&so=3&topUrl=thetruedefender.com&bundle=rC_V9l92aXlFemxXdXRvYnFFRUlxbGZVblhtbDhzTjZPTXFYbm0lMkZhM1M5SmQ1RjZQTGNNem5yakx1Nm9Lbkx4Smo5dTNrRzE1dklwSjdKdFFieU1Ob3lrQmE5JTJCZ2tHMCUyQjJnRGt1cGJrOVMlMkI4cWxoTjYlMkZDR1lBM0NpVFFPenZzR1RobWo&cw=1&lsw=1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8f212565038e97818618afc486948a2b4af831753121db55f56052e245c8c106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=thetruedefender.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sat, 30 Oct 2021 05:58:22 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2573
expires: 0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/ Frame A65B 0
145 B 29ms
29ms XHR
text/plain 34.248.176.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.35.0/619621/AN6Z7V4JEeTOXm1_/postback?dt=6196211556140246740000&de=43003&ac=746345&c1=5637254&dm=728x90&cr=7515751&ai=234495&r2=420849&r3=855572544541&di=https%3A%2F%2Fthetruedefender.com%2Fdurham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails%2F&pv=70da4e0f-288f-483d-936e-0124fd410a0f&sr=39&si=402008&r1=216.131.111.0&ci=619621&pd=avt&ui=fe9f758b-52f2-bbfa-0000-000000000000&ap=&ti=2756101783079717862&pp=2079&sid=AN6Z7V4JEeTOXm1_&oz_sc=dcc60bce78e21e047ae58c6c&oz_df=1635573504446&oz_l=324&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.35.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.248.176.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-176-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://thetruedefender.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 30 Oct 2021 05:58:23 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: links.services.disqus.com
URL: https://links.services.disqus.com/api/ping

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

116 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thetruedefender.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 44513ab7fc03228ae619729c508a25d6
.thetruedefender.com/	1970-01-20 15:50:45	Name: _ga Value: GA1.2.688016768.1635573496
.thetruedefender.com/	1970-01-19 22:20:59	Name: _gid Value: GA1.2.211219134.1635573496
.thetruedefender.com/	1970-01-19 22:19:33	Name: _gat_gtag_UA_186892928_1 Value: 1
thetruedefender.com/	1970-01-19 23:02:45	Name: _pbjs_userid_consent_data Value: 6683316680106290
.adnxs.com/	1970-01-20 00:29:09	Name: uuid2 Value: 7581706081706848258
.smartadserver.com/	1970-01-20 07:49:47	Name: pbw Value: %24b%3d16950%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 402008=4642918
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-20 07:49:47	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-19 22:20:59	Name: sasd Value: %24qc%3D1314363065%3B%24ql%3DHigh%3B%24qpc%3D94117%3B%24qt%3D152_2199_42546t%3B%24dma%3D807
thetruedefender.com/	1970-01-19 22:29:38	Name: PushSubscriberStatus Value: CLOSED
thetruedefender.com/	1970-01-19 22:29:38	Name: peclosed Value: true
.smartadserver.com/	1970-01-19 22:20:59	Name: sasd2 Value: q=%24qc%3D1314363065%3B%24ql%3DHigh%3B%24qpc%3D94117%3B%24qt%3D152_2199_42546t%3B%24dma%3D807&c=1&l=-1730953035&lo=-1855080969&lt=637711774962067936&o=1
.betweendigital.com/	1970-01-20 07:05:09	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 07:05:09	Name: ss Value: 1
.betweendigital.com/	1970-01-20 07:05:09	Name: unm Value: 1
.betweendigital.com/	1970-01-20 07:05:09	Name: tuuid Value: 05273810-3907-512f-8ea2-2fa6efdef15e
.quantumdex.io/	1970-01-19 22:48:25	Name: uid Value: 1a50b921-d33c-4218-962a-fe2e7d99ec07
.lockerdome.com/	1970-01-20 07:05:09	Name: account_id Value: 14518537964197120
.lockerdome.com/	1969-12-31 23:59:59	Name: ldrid Value: bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV
.lockerdome.com/	1970-01-20 07:05:09	Name: login_token Value: %2214518537964197120%7C1643349496481%3A%7Call%7COK3huqkDxqSEbS1X5ij%2F72mLjEXg9mXnOhyzqr20XpaFkc7lNTVrRvCmhi4FG4TM4dCRA4115uN9D4RUIJp5PA%3D%3D%22
.adnxs.com/	1970-01-20 00:29:09	Name: icu Value: ChgIztV3EAoYAyADKAMw-L3ziwY4A0ADSAMQ-L3ziwYYAg..
.smartadserver.com/	1970-01-20 07:49:47	Name: pid Value: 6646832348915492602
.smartadserver.com/	1970-01-20 07:49:47	Name: pdomid Value: 21
.bitchute.com/	1970-01-19 22:19:35	Name: __cf_bm Value: GHxLsM2Ch7SoIqQorlTmvQZDepiaSgFlt5jRF.NzOdo-1635573496-0-AcweJSALs4ts55+QUqeCAy/WboUDrjES2uoK3WuXg/SnWezA/WUkEfwbLqEyQl5tdmrYBbjMoSpgrOOlSyr5vhgEG81OVsOnF+XQQ1wGScUCt6cgzaf4I08zNkVsbpJ1HA==
.smartadserver.com/	1970-01-19 23:02:49	Name: Trk0 Value: Value=1366485&Creation=30%2f10%2f2021+07%3a58%3a17
.mathtag.com/	1970-01-20 07:05:09	Name: uuid Value: d0fa617c-def9-4401-bbac-ac4b0129ed38
xn--r1a.website/	1970-01-19 22:20:59	Name: stel_ssid Value: d8fb51e1368269f2a2_3017071530081740836
.ad-srv.net/	1970-01-20 00:29:09	Name: u8x7eovwf3h6_uid Value: 294d013f26bad827
.ad-srv.net/	1970-01-20 00:29:09	Name: v0rur7gqspb3_uid Value: 6aa5ef3b6e763d13
.awin1.com/	1970-01-19 22:29:38	Name: awpv14098 Value: 559379\|1635573497\|60bfcfc0-3946-11ec-9600-22309c92d156
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379082:2519508
.adfarm1.adition.com/	1970-01-20 00:29:09	Name: UserID1 Value: 7024734688416168083
.criteo.com/	1970-01-20 07:41:09	Name: uid Value: 9849d599-7672-4cdb-911d-30d0a8b48f32
.bidswitch.net/	1970-01-20 07:05:09	Name: tuuid Value: 9c9c2e49-33c4-46be-bb00-a6d9fd376ff3
.bidswitch.net/	1970-01-20 07:05:09	Name: c Value: 1635573499
.bidswitch.net/	1970-01-20 07:05:09	Name: tuuid_lu Value: 1635573499
thetruedefender.com/	1970-01-20 07:41:09	Name: cto_bundle Value: rC_V9l92aXlFemxXdXRvYnFFRUlxbGZVblhtbDhzTjZPTXFYbm0lMkZhM1M5SmQ1RjZQTGNNem5yakx1Nm9Lbkx4Smo5dTNrRzE1dklwSjdKdFFieU1Ob3lrQmE5JTJCZ2tHMCUyQjJnRGt1cGJrOVMlMkI4cWxoTjYlMkZDR1lBM0NpVFFPenZzR1RobWo
thetruedefender.com/	1970-01-20 07:41:09	Name: cto_bidid Value: UsfyAV9RVUUlMkJBOXdUbEk5JTJCQ2Y4NXY0OSUyQm9mbWklMkY4dzc5ZnNvam9tVlFZMks0QU9NJTJGdVpaVFV1WFRqanM1b3QlMkZKUDVHWUV4WDVDbTBIUGJVc3RuQUdZZ0hHUSUzRCUzRA
.turn.com/	1970-01-20 02:38:45	Name: uid Value: 3386979819021929186
.sharethrough.com/	1970-01-20 07:05:09	Name: stx_user_id Value: 052c04cc-c9a2-4dee-9b97-c08ab894e4a7
.id5-sync.com/	1970-01-19 22:19:33	Name: cf Value:
.id5-sync.com/	1970-01-19 22:19:33	Name: cip Value:
.id5-sync.com/	1970-01-19 22:19:33	Name: cnac Value:
.id5-sync.com/	1970-01-19 22:19:33	Name: car Value:
.id5-sync.com/	1970-01-19 22:19:33	Name: gdpr Value:
.casalemedia.com/	1970-01-20 00:29:09	Name: CMPS Value: 3223
.adsniper.ru/	1970-01-27 05:31:33	Name: uuid3 Value: IiQ2MjA0ZTI4MC0zOTQ2LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.id5-sync.com/	1970-01-19 22:19:33	Name: callback Value:
.yahoo.com/	1970-01-20 07:05:31	Name: A3 Value: d=AQABBPvefGECEM8vazbii_PpYSH2jyDNZlUFEgEBAQEwfmGGYQAAAAAA_eMAAA&S=AQAAAm3tcoGIuY1tGObtz_n9fkI
.casalemedia.com/	1970-01-20 07:05:09	Name: CMID Value: YXze.wIPxzqelYpfuJquhQAA
.casalemedia.com/	1970-01-20 00:29:09	Name: CMPRO Value: 1172
.id5-sync.com/	1970-01-20 00:29:09	Name: 3pi Value:
.ads.pubmatic.com/	1970-01-19 22:20:59	Name: KCCH Value: YES
.adhigh.net/	1970-01-20 07:05:09	Name: gi_u Value: u6YlKYse1sJL.AikABlF8z8cHJQ
.smartadserver.com/	1970-01-20 07:48:21	Name: csync Value: 31:9c9c2e49-33c4-46be-bb00-a6d9fd376ff3\|32:3386979819021929186
.bumlam.com/	1970-01-27 05:31:33	Name: suuid3 Value: IiQ2MjA0ZTI4MC0zOTQ2LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.pubmatic.com/	1970-01-20 00:29:09	Name: KADUSERCOOKIE Value: ADF93C57-F871-4579-9A73-551DAC73099F
.pubmatic.com/	1970-01-20 00:29:09	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 22:20:59	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 00:29:09	Name: DPSync3 Value: 1636761600%3A201_197_219%7C1635638400%3A174
.pubmatic.com/	1970-01-20 00:29:09	Name: SyncRTB3 Value: 1636761600%3A7_161_56_3_21_13_54_8_220%7C1636848000%3A35
.id5-sync.com/	1970-01-20 00:29:09	Name: id5 Value: a478a469-64b1-4c0e-b79c-b23ff651139a#1635573488801#3
.adhigh.net/	1970-01-20 07:05:09	Name: btw_sync Value: Itf
ms.quantumdex.io/	1970-01-23 13:55:33	Name: qdsp_uid Value: 8ae8c595-5c8a-46a9-b906-96a45361c0f0
.lijit.com/	1970-01-20 07:05:09	Name: ljt_reader Value: 2d3f95075ce6aafc9bf18845
.simpli.fi/	1970-01-20 07:06:35	Name: suid Value: BFE3CC57F52E41D19988323D67F69280
.advertising.com/	1970-01-20 07:06:35	Name: APID Value: UP621e0066-3946-11ec-a15c-06bbc839886a
.quantserve.com/	1970-01-20 00:29:09	Name: d Value: EKkBCwHNJPijAA
.quantserve.com/	1970-01-20 07:49:47	Name: mc Value: 617cdefb-ca7ff-a43f4-2ac32
.onaudience.com/	1970-01-20 07:05:09	Name: cookie Value: 5500d51abe9e4fa3
.onaudience.com/	1970-01-19 22:20:59	Name: done_redirects236 Value: 1
.1rx.io/	1970-01-20 07:05:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003%22%7D
.adform.net/	1970-01-19 23:04:11	Name: C Value: 1
.analytics.yahoo.com/	1970-01-20 07:06:35	Name: IDSYNC Value: "192w~218t:192x~218t"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP621e0066-3946-11ec-a15c-06bbc839886a
.yahoo.com/	1970-01-19 22:20:59	Name: APIDTS Value: 1635573499
.w55c.net/	1970-01-20 07:49:47	Name: wfivefivec Value: BmlUo01I1MGHnJ5
.de17a.com/	1970-01-20 06:57:57	Name: guid2 Value: 1.2102099676820377009
.w55c.net/	1970-01-19 23:02:45	Name: matchcasale Value: 5
.pubmatic.com/	1970-01-20 00:29:09	Name: PUBMDCID Value: 3
.adform.net/	1970-01-19 23:45:57	Name: uid Value: 862498899543868534
.pubmatic.com/	1970-01-20 07:05:09	Name: KRTBCOOKIE_27 Value: 16735-uid:d0fa617c-def9-4401-bbac-ac4b0129ed38&KRTB&16736-uid:d0fa617c-def9-4401-bbac-ac4b0129ed38&KRTB&23019-uid:d0fa617c-def9-4401-bbac-ac4b0129ed38&KRTB&23114-uid:d0fa617c-def9-4401-bbac-ac4b0129ed38
.pubmatic.com/	1970-01-19 23:02:45	Name: PugT Value: 1635573499
.lkqd.net/	1970-01-20 07:05:09	Name: sr758 Value: 1\|\|1635573499
.lkqd.net/	1970-01-20 07:05:09	Name: lkqdidts Value: 1635573499
.lkqd.net/	1970-01-20 07:05:09	Name: lkqdid Value: Hr23chfFJck
.eyeota.net/	1970-01-20 07:05:09	Name: mako_uid Value: 17ccfc707f6-1f230000010f4358
.eyeota.net/	1970-01-19 22:19:34	Name: SERVERID Value: 17240~DM
.targeting.unrulymedia.com/	1970-01-20 07:05:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9d6a8df4-d643-4ab5-a7d1-4700038f2d1a-003%22%7D
.pubmatic.com/	1970-01-20 00:29:09	Name: KRTBCOOKIE_153 Value: 19420-TDXP_h5hnv9XZ5mqHGLV_E43nqlXNpn-STagiXzg&KRTB&22979-TDXP_h5hnv9XZ5mqHGLV_E43nqlXNpn-STagiXzg
.pubmatic.com/	1970-01-20 00:29:09	Name: KRTBCOOKIE_57 Value: 22776-7581706081706848258
.pubmatic.com/	1970-01-19 23:02:45	Name: KRTBCOOKIE_391 Value: 22924-862498899543868534&KRTB&23263-862498899543868534
.everesttech.net/	1970-01-20 07:05:09	Name: everest_g_v2 Value: g_surferid~YXze_wAAuZGL-QBG
.adsrvr.org/	1970-01-20 07:05:09	Name: TDID Value: c0b79904-fedc-4723-9ff4-f9e478218089
.pubmatic.com/	1970-01-19 23:02:45	Name: KRTBCOOKIE_336 Value: 5844-2102099676820377009
.doubleclick.net/	1970-01-20 07:41:09	Name: IDE Value: AHWqTUkYkuvLv9jaRNsnCS3PJ6P2s21wfsoHCh1iWS4aY2SZyXNEmF8uZnoEe0omaBY
.pubmatic.com/	1970-01-19 23:02:45	Name: SPugT Value: 1635573498
.pubmatic.com/	1970-01-20 00:29:09	Name: KRTBCOOKIE_377 Value: 6810-c0b79904-fedc-4723-9ff4-f9e478218089&KRTB&22918-c0b79904-fedc-4723-9ff4-f9e478218089&KRTB&23031-c0b79904-fedc-4723-9ff4-f9e478218089
.pubmatic.com/	1970-01-20 00:29:09	Name: KRTBCOOKIE_80 Value: 22987-CAESEMOA9fGx9lp6vvCqgsdSAtg&KRTB&16514-CAESEMOA9fGx9lp6vvCqgsdSAtg&KRTB&23025-CAESEMOA9fGx9lp6vvCqgsdSAtg
pool.admedo.com/	1970-01-20 07:05:09	Name: tuuid Value: 651ccceb-894b-4ac7-a232-95287507d24b
pool.admedo.com/	1970-01-20 07:05:09	Name: c Value: 1635573499
pool.admedo.com/	1970-01-20 07:05:09	Name: tuuid_lu Value: 1635573499
.bidr.io/	1970-01-20 07:48:07	Name: bito Value: AAMypk7C-b4AAByF9n5Wig
.bidr.io/	1970-01-20 07:48:07	Name: bitoIsSecure Value: ok
.aidata.io/	1970-01-20 15:50:45	Name: __upin Value: 7nCY9NJEowbqThOf6ZMioQ
.aidata.io/	1970-01-20 15:50:45	Name: __upints Value: 1635573500
beacon.lynx.cognitivlabs.com/	1970-01-20 07:05:09	Name: UID Value: 46eb4eec-d546-4d8e-857e-00cfd3b34257
beacon.lynx.cognitivlabs.com/	1970-01-20 07:05:09	Name: ss Value: zf5YXojzHhMOfimUtg0IKnlksY3dQbJG0t1DQJKIdkch2HNQedOTcIsoxYexoeYF4F7937bL3VzKfAcceRsLyQ%3D%3D
.casalemedia.com/	1970-01-20 07:05:09	Name: CMRUM3 Value: 2d617cdefb05a0&5a617cdefb05a0&04617cdefb27603386979819021929186&2f617cdefb2760BmlUo01I1MGHnJ5&e6617cdefb2760&82617cdefb2760AAMypk7C-b4AAByF9n5Wig&33617cdefb05a0&f1617cdefb05a0&58617cdefb2760YXze_wAAuZGL-QBG&08617cdefc276046eb4eec-d546-4d8e-857e-00cfd3b34257&27617cdefb0b40&bc617cdefb05a00
.casalemedia.com/	1970-01-19 22:20:59	Name: CMST Value: YXze+2F83vwA
.adsrvr.org/	1970-01-20 07:05:09	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjiz9Xqid2NOhAFGAEgASgCMgsIvM6Hm6DdjToQBTgBWgZleWVvdGFgAg..
.tns-counter.ru/	1970-01-20 07:05:09	Name: guid Value: C85B783B617CDEFCX1635573500
.omnitagjs.com/	1970-01-19 23:45:57	Name: ayl_visitor Value: f3f353fef8dffab80f0dc9ac46b08f66
.betweendigital.com/	1970-01-20 07:05:09	Name: ut Value: YXze_QABT_CAUgHHGh5KcnVP2Qx3Se5EnlXuFw==

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
worker	error	URL: blob:https://thetruedefender.com/3dfe0b25-666f-410e-b35c-22c3639a58a2 Message: Mixed Content: The page at 'blob:https://thetruedefender.com/3dfe0b25-666f-410e-b35c-22c3639a58a2' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://thetruedefender.com/3dfe0b25-666f-410e-b35c-22c3639a58a2 Message: Mixed Content: The page at 'blob:https://thetruedefender.com/3dfe0b25-666f-410e-b35c-22c3639a58a2' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://cdn.jsdelivr.net/npm/gun/gun.js(Line 1671) Message: WebSocket connection to 'wss://thefastestguninthewest.bitchute.com/gun' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://thetruedefender.com/durham-targets-obama-and-hillary-children-crimes-2-3-billion-tax-fraud-650000-clinton-emails/ Message: Access to XMLHttpRequest at 'https://links.services.disqus.com/api/ping' from origin 'https://thetruedefender.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://links.services.disqus.com/api/ping Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cdn.jsdelivr.net/npm/gun/gun.js(Line 1671) Message: WebSocket connection to 'wss://thefastestguninthewest.bitchute.com/gun' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cdn.jsdelivr.net/npm/gun/gun.js(Line 1671) Message: WebSocket connection to 'wss://thefastestguninthewest.bitchute.com/gun' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
acdn.adnxs.com
ad.ad-srv.net
ad.turn.com
ad20.ad-srv.net
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
an.yandex.ru
ap.lijit.com
apps.sascdn.com
assetscdn.pushengage.com
beacon.lynx.cognitivlabs.com
bidder.criteo.com
bidswitch-eu.splicky.com
c.disquscdn.com
c0.wp.com
c1.adform.net
cache.betweendigital.com
casale-match.dotomi.com
cdn.connectad.io
cdn.contentspread.net
cdn.jsdelivr.net
cdn.polyfill.io
cdn.viglink.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cdn4.telesco.pe
cdnjs.cloudflare.com
ced-ns.sascdn.com
clientcdn.pushengage.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.optad360.io
cs.lkqd.net
d.turn.com
d5p.de17a.com
dis.criteo.com
disqus.com
dmp.brand-display.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
gu.dyntrk.com
gum.criteo.com
i.connectad.io
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
itx4.smartadserver.com
links.services.disqus.com
lockerdome.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
media.kaspersky.com
ms.quantumdex.io
onetag-sys.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.wp.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prg.smartadserver.com
ps.eyeota.net
px.adhigh.net
referrer.disqus.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adpone.com
rumble.com
s.amazon-adsystem.com
s.update.mediamathtag.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
seed125.bitchute.com
simage2.pubmatic.com
simage4.pubmatic.com
sp.rmbl.ws
ssp.wp.pl
ssum-sec.casalemedia.com
static-3.bitchute.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
std.wpcdn.pl
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bumlam.com
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.targeting.unrulymedia.com
sync3.adsniper.ru
t.adx.opera.com
tags.mathtag.com
thetruedefender-com.disqus.com
thetruedefender.com
tlgr.org
token.rubiconproject.com
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
users.api.jeeng.com
visitor-usa02.omnitagjs.com
visitor.omnitagjs.com
www.awin1.com
www.bitchute.com
www.google-analytics.com
www.googletagmanager.com
www.tns-counter.ru
www8.smartadserver.com
x.bidswitch.net
x01.aidata.io
xn--r1a.website
links.services.disqus.com
104.111.239.217
104.154.142.214
104.16.160.13
104.16.19.94
104.16.86.20
104.22.54.206
104.22.57.126
104.22.57.174
104.26.10.25
104.26.11.209
104.26.7.35
104.26.8.169
104.26.9.66
104.92.74.8
13.224.193.64
142.250.181.230
142.250.185.200
142.250.185.67
142.250.186.130
142.250.186.138
142.250.186.162
142.250.186.78
143.204.98.115
143.204.98.119
143.204.98.17
143.204.98.58
143.204.98.83
146.20.128.151
146.59.148.16
147.75.38.124
149.154.165.133
151.101.64.134
151.101.65.26
151.101.66.49
151.139.128.11
151.236.71.146
157.90.167.185
159.253.128.183
169.55.146.12
173.231.180.197
178.162.133.149
178.250.0.157
178.250.0.165
178.250.2.130
178.250.2.151
178.63.52.121
18.157.150.79
18.157.70.90
18.66.139.98
185.183.112.155
185.184.8.65
185.255.84.152
185.29.132.245
185.29.134.249
185.64.190.80
185.86.137.17
185.86.138.142
185.86.139.59
185.86.139.96
188.42.29.196
192.0.73.2
192.0.76.3
192.0.77.2
192.0.77.37
192.187.114.18
193.232.148.143
194.226.130.228
195.244.31.11
198.47.127.19
198.47.127.20
199.232.192.134
199.232.194.49
199.232.196.134
2.16.186.107
2.16.186.82
2.18.233.180
2.18.233.201
2.21.141.148
2.21.141.232
209.54.177.54
212.77.98.32
212.77.99.29
213.155.156.182
213.19.147.44
216.52.2.30
216.58.212.170
3.122.214.165
3.126.16.11
3.126.56.137
3.222.216.135
3.228.229.208
31.172.81.158
31.172.81.159
34.248.176.243
35.157.177.200
35.210.53.219
35.241.40.233
37.157.3.29
37.252.172.37
37.252.172.45
46.228.164.11
46.228.164.13
51.178.20.139
51.89.42.86
51.89.9.252
52.223.40.198
52.49.238.187
52.50.110.98
66.102.1.156
66.155.71.150
77.88.21.90
8.39.36.141
82.145.213.8
85.114.131.235
85.114.159.118
89.108.119.43
89.187.169.39
89.207.16.137
91.228.74.134
93.159.228.11
95.216.186.40
0111ef8fb7bab66f02ebb76acf1c20ebff86c7eddef1834b50529d3396410c26
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03dd0cd6265d032fc599e47d7b256576d50745f9e22fe67c698b49de311b5555
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
09255fc220032ea7ecb474d0b0b6daffccade6134caae15332892691465788f8
0a1fc524469c189ab3ef5bb0fd741d4ca4b9397535b88666e87b412fb78cb4f1
0b721ba64a02eb660eb62d1b6d7558ec8d86490c0e4444262b38ac5a54004e88
0c8bf945a02f2bf6cef32c4f374002f9b84ae30f22dc325f4584e69929a28413
0d23e1c01de5ec7d4ffb9dc2da027172fdde2f1aa13da7c7995007da2c325e2e
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0d6abff276e1c0fab6e8d8a3557f85b0f7509b8c9c50286daa8b68a60b208a7c
0dc03fffd12e99785f346aaa00ceaba983531923dcb461971fe0e8a59bbfecab
0e233a554f50421377565fea9b207129fa604f01ce24ef4ef9051578d4dee6c0
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f661b180cb5ec06a2458d8be5c013a37abe06a0d446945709010132ca813d15
0fc433d29c75ad01a8b659920e90e0e9cec6a29f64554b294f0b711531e95be0
10db2d6ad43e6e90e5333bb8b73c88cb316b924441290cc7d4e72268c8f21c54
11b7448c22b34dae17fdace8778630f6e9bab3e826c1a1ca960284359ab453b0
13f3cc49c0d71310a668cd7c3455de6dd9167a891e6e6ea8c8a0a33541373e9d
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
167ca6c0f975c641b52d61bbceb0e83bc0ad69f2edd409002fc191f721f9326c
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b17315b5684f9fa9c0bee84f5b6ced06466ca0d841ed483d7356bbc707091b1
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1eeaa9afd461c6df55ffad40e5b003b9f2303727cc0276e677cf61bf9023284a
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2414cfaa22a8bfa4294324bc0e1e9e9fb193a6f310149502eebf0151c81d1c5c
2592b4e46e8af0af3a6d226a426ab1eeff99edd04bc7d064317f0c01717df7fb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2892a779cee25c3a681f6c8d4c779f0e8632741aec6485a87da48000d84b96c5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d1db007682f0d690cbba8933d5b5746413bb47fee9c01b873d24a6260392c69
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e32599676b736fab8e3833b06fe2c54e0bf2697b97e2be6abf38a3654d9b2ab
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2eee814cf1ce6d4f84ed9e5b4a34b61f13e58bfdeb0d2b4a40263416bfb1cac3
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
308b928d2ceac604566e6a11088dcc8e3793fd62299a80490389cd2f08480482
314463b822c910210397d233970d33f292f26a5cdd90555a63d939c60d14d23a
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35aa859d36b5578d9b4dbe944f3580130c697667375af2155413e9198f8e006c
360cb757953c12a86e5cab86a14bc19f343fae4b09fa758b1a0535dca3c5f26f
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38ec9a9e5036684e4948fb0782aa60dc266c6ea94725572904f5876673a9edfa
3a306e3a925cce0a439c82f6619e1cfae9faa6a4fa637aacfde28d26ccff1a44
3ba80f171167409c8894b29dfbfbee5e0b64541f7c5f7e67afdb7462c15245fc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e994c6b869ce31ac6a8997cfcdaca22ac6c47f137ec735b2ac413e466b7ca0c
3ea61e287d96d4285dd1b1fc925113b2ee9299c16ba87938e239c2eef0b50e4d
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3ebe3ff6e3d8d47304ff7bbcb28cc0579ca64c2cd7989015db2fbdb08ec8dd92
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4125108a748bfd0915b6f9ad0d1839294fca7ea1e5d0ea7754ab9fa54c8e9bfa
421bc6141125161536d3bc2a4b15f32f200f2340eced972d73db955b193e0172
422f05991badee1af6bf99c0904eea33eceba98fca0553f8299cc10f138bcb2a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
45a1d6c802e5b96dcd8a3d1c2f614f57d3b6e0743249d7a9f335296075c09b37
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a095c4b655aa774d4b1eb479908d0aa5ce3482b701c4b25af75050e0fe85ebb
4ac4e1992dbf1f7c3673ec6117c0132741d39982215d1af2bed6aa170698a524
4aedd618e5afdcceeaeb82c1d6926175a4bb43dd363e9c64eacfca2ae80c9b60
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4c6853bb850ee8aab39a34df9ef231e33068958ca25d69745078ac9c00c98f1f
4d2b526fcb97fd3a98042412b8ca71ea876153555e7d3970276cadb693536f3a
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
4d99f2c1e6fde96e2c2308b915e4da16aee198a8d8f86b9350676830544b66fa
4e2424819af4991f5e72ef934fd78ac18fc5d0a2492a99d1b94b6f33d6270553
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
51f0d835d45cb60ef05975a6a821914dc7521052f69101fb917842ff01917e49
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
545f7284439440fac6a2ce4a53a16cf7e9c7f9f6dc7a6f09877bd2af7c85e3b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5948de9b0c489838ac88cf9982a457fff4a5cc216c7878018699cd118f2d7869
5a96f53be44ff674c0a4e7a67a951c65c951f2d021dc3b1e3335a9237e69b435
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5e8c2a07175788df50b2ce8963f1f28fb6d0f88d26438f10b9575e99f9f4c020
5f48401d810df54d8c06bd7a85a69b65e5403bab8dcb8d7e919f3d31247e5460
60631ed8f1dfa6713ff9e30fec41786aadc477c0cac5a75dca66b5a49f76b901
60b2b1052bb91bdd45f229e17513a96825f73e5cf03bd5313ab9a2249178426c
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62ebdd655eb7d82324ded1127e184b1f4a65132a2b4f5ba0e113d3b65cc47b61
66261e6ebf20403bd76cca78f414c521e029189fc52944cbcc43ed81e125a487
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66e9f376aa2ad8f4778019c707aae34f2a777f1fce4ad5f12e1318848be09992
685df4d5cf060fe847afa24bfd796d5302e559451f32322eb1c83d19e6fa132c
686af60894c770eb143b39f507d8ddd65d9ad2d86e458893fa7dcc3759ebc49f
68dac3c7d532538ff89ca6f44db3a4213ba511ddaf43823a63a893249f5bc302
698e63451f828f97957e480c923bb8634a39ceb8c541f728b94cd9c9a454a99f
6990ea232bb26e9f419f1c364efc4d46ab62288a58f57aff6f289f4a98459240
6a6eff7272461a487603a4b3dec6e9a690a86f10f520312f2d51ab12cf15aaa8
6a8be7b6ac10ce15edad2a069ddfbb381be13ea8b4e8a8bad9654149bf942d94
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c49d8154072e54c0b85a7d278ede74960698311e5fe19d7924a91a337ad665e
6c84b15475645a583ebcacf9dce3e2ac8ada4feacf3640b2ba60c9139dc9e382
6d49d7b4230abea8226dba54e9d32bf6cfa700fd8c1436e0cb8e6eea43170acf
6db623175e53f8a8fbe0dd0b9ef38213bfffab51835c940b2ff705514b3bee9c
6e9994a2b8c1f0ee7db7822a016b81a0d2d7a32e35492f90d3051b17824c8bbe
6f62819f977bb14f68194e30c6fbe81d163e00b528474a219c72ff77e7b90b42
700b4593fb1403c22602ab898bcebdd6fc3ff0c80131ed0c5432d0e78e8f1d8a
70d8eef5d9f7aea9967704b5c13d80b77d10109ef1fd83ce11c1051139acbd84
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
7136aa0fec48cb4c61588871b4a8feb2b121e20a1bbcdfb874a1053edaaa366d
71e321cc2e604ec1fbbe76c0470d616f1e8bcc9a25e27ab8d7b0f07efa54f2e8
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
772ac5fcda6bcfb66e88d1a4762578b28138903695eba4a18dbed086da9a0f4b
77ac89f0c9b8aa5a9add22b08e86557b10af6fce78ca34298ea9a14fab792e8c
77f71f31708e21b2f4f9f779150ee5378a30436673880627eb9c5b1bb9aa665e
7af53d7077c16f6ad9efd63a975749c4835ce6e495c337fa4176f15ed385f80b
7d07cb7c57183d8bfe6dc615c7cec788de53852598aa244d2a049937385dd103
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
7f1d08127ad5c05e11ce6e3b7be9e7f3d4f47e2a9ec0b49bf934a749b26deaf7
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
80b5f56879cce5196b2c10bf238bd7e83df53c26ecf581637249d0ff8c28d770
81003b15fc9afb795bfb737fb5e8f6bbb65ba6c530ed9bc16475690fe11dda1c
81e375d0dbe921a0b97df2e0ce9303883ac52cd7d11134c0ff990476a11785be
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
886bda9a5b3270ad1d08c1dd94e5079960b43a949852da1c42dd5784c72fdb30
8872065b236178a796879bd2e1b895da9e7a73105c04a65ee8d137a93eb2902a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8acf26e5da31fbcf97b58ad60baa4121ab276efd4ab78661e842fee1ff975071
8b8ad675bcebb53972a7ee3cb5aa938142e42dab0615f98ca07d60b9f70fbc04
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f212565038e97818618afc486948a2b4af831753121db55f56052e245c8c106
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9172d5b47aa6dd206cfadcb458e8458ef60101d364c327c4f51c98acd471220b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94f088e3475b554ba46ffaf3f330a2e9135464e9c1f7540c648c033296e329eb
955adfc31846d7a5f3b397b90a83e22de43a5e68dfa15dbb93069462256920b6
95b90e9b9930aaf8f8fa2427cd89aad8ec9bcd99db52e5bc64877432c50b9487
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
9a211890e04f6342daafeab7c7d11cd15419e8a4830f530176b28d872e6a1d9a
9d07f01e075074db0154aae1cd5fc2f2f3ffe87d787783f686444f5583503437
9e00c9e56b1f5e077f8d626274bce386a0fa335075aa05b522e928d7e906b5a3
9eb0966044e1a32b51fcd3d2f2cb7dc9d2ca0c865ab20c5001f87510791387e9
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a265958d7c2f6f27db8503c96fde987c04b913e1fac5e48c846f5cafc51c78ca
a7145e35459692778d48ee4720e0897425811356b8e60ecdf87decaa8db0fdd6
a9e584dd4afe0dd60d746e271448eca4d34fc85b6c695d9a287e6fcf4c11ed5b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa0b71a0301e58c9d8274cdb1122da964d5f747b28093571f622d17efaa3d524
aacf646c2e726d6a8e2b960779d8348de4cdd3e7b39415110c61ab7542add6f1
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac082aaf42f3c1f2995a3505fc4267bfb2b9ea74fb82b93300f0b2c38e6ae359
ac217a1333908ad6e4fd4c29298ee1f32cf3e3372c8dfe1ed8895d58e5bf6ee4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acf9bb4baad4e6bf5f69a97be5ded927541bc1e961da5bb21f68022792a03ddd
adfd15f58488deeed37d073631598f5a941d383be2c258aafeccd9583a92f64f
ae5df397c5c0dac0b9a5156343d18306f38b277664010be4121bd082f795131c
aea6e0f534caf47c1d9355b03fdd85903a0f639e19cff954ef5c37842b67f509
af835718d2bbc006f11104cbd1258b00c59804cbcfda40488707a58c672b2e94
b00a281b25a2ebc822667760502c9ee701481adcee01a30d776578e4550e7863
b0c26b08c424ce316da9e958aed0aeb6a2a67530fb92bbe08dda005227d4751a
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27e0fd58dabc8c58c7944cfda0a7fcdefcab27547fbe4d939b27d93af483ca2
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
b5a6a57da6d42bc51b1d27b9ed426362fb020761b3a8724f9e65f632cbd93208
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bcf6e49c5f8c4efc74d73f648a89124855ef93f5802c331b7d6376b141fc4285
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf0d2935d85b8cc0f4e04af34e81e3ea8a7c96cb06e52eff243dfed652c60527
bf3b52f874aebd7cfc4c49cc840977ec1fa179df6026c7cbb23794a3ccbde172
bf72cc35bf253ec2a22138d062eafdc067bd4f0de9c6233bfbceefa356d71b05
bf7cf40cac4303c84fe1f2023fd8905b9b6e91fc6d37d1b50d12acd3e418ad5d
c149a885fe56a532595b9582aed2c94412ad1e8fac638646245a93d090213b6e
c1ecc4cb012b5af3e335e7a6b4e7b2ab36509738027eb06ef345e9b68591428f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c3d8f1101a790ab1233144c17ffcd9e31d648cd90a92cd96fafe64522b1916e0
c9d886450528dec3e352890d9a6b683c9a9d564451ea17bac85463e9c2819c0f
cb4a1f3ee21a4afb5dddfeab9e394e7721f1e1601f4ae31b4c3933a0900bfeed
cb677e5e49585993b23e98195084ba0673f7a3026338401dce3222dcf3690ec5
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d27365fce59aecbb375fb711ba384f82ad843b8d9065b91ad6988cf3f630925c
d47d9e312e470983a45c637883159cec37f534d0d769305c839f967321406b9d
d5f92c831843c12d435cfb26857ccb3636cd4109a2fbec5a202c5db353c9c229
d712796d188539ac294a0dd7a2d0b2770cbaca32d836863fd2565e6b39ae5f52
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
dabbf2afa2b7f3f594724f61032c513ae98bd751f8dd337b7680c4ef4a603376
dc66cd300371eb11d55e0988808998a820cf6d5380e9be856548ac4aeb13edbc
dd559d0d7a4803690c1863670e55e3932e8155b2d89e251398ae327b8859613f
de014373af5d1bd62d178353857b328568fc64855d56a73dbdffadeac6c969fb
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e398cbb1a7046979a4b013dee4492ec9da7559e7275f8933033a632ce3dc90a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5dfc42945398d8f7a707ddd2154e3357535638f7f71cc4c59760111909acb95
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e8093ae582e78141567c3c2f6bd8690f46427e20d2a1ddff52323fcc48c99b25
e84a340caf47fb7f52d6d4eef3db512e84c911268acf1c5eb66b44887f343457
e856293f0bfd6bee2a808701afc266d9b70995c66fed88a78583a304c1a67a2c
e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea72b284ee7c38f77c57b3ee1b1420822c26ee4c23558f948d79444932ae5fba
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5be8ac0c4fb788b8edeff38f1aff73d00cfe03add16f1ab7c510241b9a9bd1
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
efd9e824a1e4ebcc1191decc082d4718bc50ca3ac692bb9529753d4cc97c5ecc
f1672b6adb575ab5321d426ebcca1e8b00217bfb2704fb41797f0dc91f5f5061
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f401eb40ec1fa797bc8afbac7c18519fa46894d8cd6927be908486988ce47da6
f5010764339d94d1fa6a5cc219dd0ab07cfca326a11e866768b80d6081773950
f5627ea74eac809576ae16667ed7522b8dff46df48c38d9452dbe2eb208d2eef
f61e5ff2080ffa31128c0cd9654c834e6ed7a9c9b48e6a951dc952a9197b3591
f670413d2ae1a2ae6adb0f76cf9a23e52e96324d60f3c10658a9bfe558a6513d
f6d836acd1e04a5a600e876f874a681d1590b961b051390c62b61fe6d8570f0b
fa2019873a47ce5e21de086ac4fd68c0be73a95bf2e66735e9b990543e784a3e
fc3a619fecc79a2042c98e987a3868d8f99f96c844d1d7dd59ac2871a239bc87
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd7dd91d94dcfbf74df3f0b41a63f17cca4aec394923059233ca46785f29f374
fdf8bd974b24f687c634c1d30d47888a0c4343dde3badf48b62387a1e27d5219
fe74af159a0caf3b676f2010227660348ac0467ec67266db574129602c00ee7c
fef471c03efd044f419bec563ccab7f14415713b12d0d7a0ce711b8699b8f14f
ff17f08db808e813e0f3270329ce38e06376065502acddb467d39eea8d84d67c

thetruedefender.com Open in urlscan Pro 104.26.9.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

475 Requests

79 %HTTPS

0 %IPv6

92 Domains

137 Subdomains

95 IPs

15 Countries

7277 kBTransfer

15521 kBSize

116 Cookies

17 Outgoing links

Redirected requests

475 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thetruedefender.com Open in urlscan Pro
104.26.9.66 Public Scan

Screenshot
Live screenshot

Full Image

475
Requests

79 %
HTTPS

0 %
IPv6

92
Domains

137
Subdomains

95
IPs

15
Countries

7277 kB
Transfer

15521 kB
Size

116
Cookies

475 HTTP transactions
15 data transactions